Information Disclosure in IBM Storwize V7000 Unified Management Interface
CVE-2018-1467
5.3MEDIUM
Summary
The IBM Storwize V7000 Unified management web interface version 1.6 exposes sensitive internal cluster details to unauthenticated users, potentially allowing for unauthorized access to critical system information. This vulnerability raises concerns regarding data confidentiality and can lead to further security risks if exploited.
Affected Version(s)
Storwize V7000 Unified (2073) 1.6
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved