IBM Scale Out Network Attached Storage Vulnerability Exposes Administrative Password
CVE-2014-3045

Currently unrated

Key Information:

Vendor: IBM
Status: Scale Out Network Attached Storage
Vendor: CVE Published:; 19 July 2014

What is CVE-2014-3045?

IBM Scale Out Network Attached Storage (SONAS) versions 1.3.x and 1.4.x prior to 1.4.3.3 contain a vulnerability where administrative passwords are unintentionally stored in shell history when the -p option is used with the chuser command. This flaw can be exploited by local users with root privileges to access sensitive information, thereby compromising system security and potentially leading to unauthorized access.

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004815

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 19, 2014
Vulnerability Reserved
Apr 29, 2014