1. CVE-Search
  2. CVE-2014-4811
ID CVE-2014-4811
Summary IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*
    cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*
  • cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*
    cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*
  • cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*
    cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*
  • cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*
    cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 29-08-2017 - 01:35)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 69771
confirm http://www.ibm.com/support/docview.wss?uid=ssg1S1004846
secunia 61075
xf ibm-storwize-cve20144811-superuser(95387)
Last major update 29-08-2017 - 01:35
Published 12-09-2014 - 01:55
Last modified 29-08-2017 - 01:35
Back to Top