Local Privilege Escalation in IBM System Storage Virtualization Engine TS7700
CVE-2014-3048

Currently unrated

Key Information:

Vendor: IBM
Status: System Storage Virtualization Engine Ts7700 Firmware; System Storage Virtualization Engine Ts7700
Vendor: CVE Published:; 8 June 2014

What is CVE-2014-3048?

A vulnerability exists in the IBM System Storage Virtualization Engine TS7700 that could allow local users to gain unauthorized privileges. By exploiting the TSSC service-user role, an attacker can execute a specially crafted SSH command, potentially compromising the system's integrity. Properly configured user roles and access controls are crucial to mitigate this type of security risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/93434

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004653

x_refsource_CONFIRM

http://www.securityfocus.com/bid/67942

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 8, 2014
Vulnerability Reserved
Apr 29, 2014