Information Disclosure in IBM Storwize V7000 Unified Management Interface
CVE-2018-1467

5.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
25 May 2018

Summary

The IBM Storwize V7000 Unified management web interface version 1.6 exposes sensitive internal cluster details to unauthenticated users, potentially allowing for unauthorized access to critical system information. This vulnerability raises concerns regarding data confidentiality and can lead to further security risks if exploited.

Affected Version(s)

Storwize V7000 Unified (2073) 1.6

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.