Cross-Site Request Forgery Vulnerability in IBM Storage Solutions
CVE-2018-1434

8.8HIGH

Key Information:

Vendor: IBM
Status: Flashsystem V9000; Storwize V3700; Storwize V5000; Spectrum Virtualize Software
Vendor: CVE Published:; 17 May 2018

What is CVE-2018-1434?

IBM storage solutions, including the SAN Volume Controller, Storwize, Spectrum Virtualize, and FlashSystem, are vulnerable to a cross-site request forgery. This flaw allows attackers to execute unauthorized actions by sending requests from trusted users. Effective mitigation measures are recommended to address this security issue.