Information Disclosure Vulnerability in IBM Storwize V7000 Unified
CVE-2019-4293

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Storwize V7000 Unified (2073)
Vendor
CVE Published:
20 May 2019

Summary

An information disclosure vulnerability in the IBM Storwize V7000 Unified (2073) version 1.6 can potentially expose the server version due to default installation settings. This exposure could be leveraged by attackers to initiate further targeted attacks on the system, compromising its security. Users are advised to evaluate their configurations and apply necessary security patches to mitigate any risks associated with this vulnerability.

Affected Version(s)

Storwize V7000 Unified (2073) 1.6

References

https://www.ibm.com/support/docview.wss?uid=ibm10884656
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/160699
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/108445
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.