CVE-2014-3077

Currently unrated

Key Information:

Vendor: IBM
Status: Storwize V7000 Unified Software; Storwize Unified V7000
Vendor: CVE Published:; 15 September 2014

Summary

IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004837

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/93906

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 15, 2014
Vulnerability Reserved
Apr 29, 2014