Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cnvd-2018-11110
Vulnerability from cnvd
Title: 多款IBM产品信息泄露漏洞(CNVD-2018-11110)
Description:
IBM SAN Volume Controller(SVC)等都是美国IBM公司的存储系统。IBM SVC是一套虚拟化存储系统;Storwize是一套专为中小型企业定制的磁盘存储系统;Spectrum Virtualize是一套光谱存储系统;FlashSystem是一套全闪存存储系统。
多款IBM产品中存在安全漏洞。攻击者可利用该漏洞访问系统文件(部分文件含有账户凭证)。
Severity: 高
Patch Name: 多款IBM产品信息泄露漏洞(CNVD-2018-11110)的补丁
Patch Description:
IBM SAN Volume Controller(SVC)等都是美国IBM公司的存储系统。IBM SVC是一套虚拟化存储系统;Storwize是一套专为中小型企业定制的磁盘存储系统;Spectrum Virtualize是一套光谱存储系统;FlashSystem是一套全闪存存储系统。
多款IBM产品中存在安全漏洞。攻击者可利用该漏洞访问系统文件(部分文件含有账户凭证)。 目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012263; http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012282; http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012283
Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-1463 https://www.securityfocus.com/bid/104349
Impacted products
| Name | ['IBM SAN Volume Controller 7.3', 'IBM SAN Volume Controller 7.4', 'IBM SAN Volume Controller 7.5', 'IBM SAN Volume Controller 7.6', 'IBM SAN Volume Controller 7.6.1', 'IBM SAN Volume Controller 7.7', 'IBM SAN Volume Controller 7.7.1', 'IBM SAN Volume Controller 7.8', 'IBM SAN Volume Controller 7.8.1', 'IBM SAN Volume Controller 8.1', 'IBM SAN Volume Controller 8.1.1', 'IBM Storwize 6.1', 'IBM Storwize 6.2', 'IBM Storwize 6.3', 'IBM Storwize 6.4', 'IBM Storwize 7.1', 'IBM Storwize 7.2', 'IBM Storwize 7.3', 'IBM Storwize 7.4', 'IBM Storwize 7.5', 'IBM Storwize 7.6', 'IBM Storwize 7.6.1', 'IBM Storwize 7.7', 'IBM Storwize 7.7.1', 'IBM Storwize 7.8', 'IBM Storwize 7.8.1', 'IBM Storwize 8.1', 'IBM Storwize 8.1.1', 'IBM Spectrum Virtualize 6.1', 'IBM Spectrum Virtualize 6.2', 'IBM Spectrum Virtualize 6.3', 'IBM Spectrum Virtualize 6.4', 'IBM Spectrum Virtualize 7.1', 'IBM Spectrum Virtualize 7.2', 'IBM Spectrum Virtualize 7.3', 'IBM Spectrum Virtualize 7.4', 'IBM Spectrum Virtualize 7.5', 'IBM Spectrum Virtualize 7.6', 'IBM Spectrum Virtualize 7.6.1', 'IBM Spectrum Virtualize 7.7', 'IBM Spectrum Virtualize 7.7.1', 'IBM Spectrum Virtualize 7.8', 'IBM Spectrum Virtualize 7.8.1', 'IBM Spectrum Virtualize 8.1', 'IBM Spectrum Virtualize 8.1.1', 'IBM FlashSystem 6.1', 'IBM FlashSystem 6.2', 'IBM FlashSystem 6.3', 'IBM FlashSystem 6.4', 'IBM FlashSystem 7.1', 'IBM FlashSystem 7.2', 'IBM FlashSystem 7.3', 'IBM FlashSystem 7.4', 'IBM FlashSystem 7.5', 'IBM FlashSystem 7.6', 'IBM FlashSystem 7.6.1', 'IBM FlashSystem 7.7', 'IBM FlashSystem 7.7.1', 'IBM FlashSystem 7.8', 'IBM FlashSystem 7.8.1', 'IBM FlashSystem 8.1', 'IBM FlashSystem 8.1.1', 'IBM SAN Volume Controller 6.1', 'IBM SAN Volume Controller 6.2', 'IBM SAN Volume Controller 6.3', 'IBM SAN Volume Controller 6.4', 'IBM SAN Volume Controller 7.1', 'IBM SAN Volume Controller 7.2'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-1463"
}
},
"description": "IBM SAN Volume Controller\uff08SVC\uff09\u7b49\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u5b58\u50a8\u7cfb\u7edf\u3002IBM SVC\u662f\u4e00\u5957\u865a\u62df\u5316\u5b58\u50a8\u7cfb\u7edf\uff1bStorwize\u662f\u4e00\u5957\u4e13\u4e3a\u4e2d\u5c0f\u578b\u4f01\u4e1a\u5b9a\u5236\u7684\u78c1\u76d8\u5b58\u50a8\u7cfb\u7edf\uff1bSpectrum Virtualize\u662f\u4e00\u5957\u5149\u8c31\u5b58\u50a8\u7cfb\u7edf\uff1bFlashSystem\u662f\u4e00\u5957\u5168\u95ea\u5b58\u5b58\u50a8\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eIBM\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u7cfb\u7edf\u6587\u4ef6\uff08\u90e8\u5206\u6587\u4ef6\u542b\u6709\u8d26\u6237\u51ed\u8bc1\uff09\u3002",
"discovererName": "Jan Bee, and Sebastian Neuner",
"formalWay": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012263\uff1b\r\nhttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1012282\uff1b\r\nhttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1012283",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-11110",
"openTime": "2018-06-08",
"patchDescription": "IBM SAN Volume Controller\uff08SVC\uff09\u7b49\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u5b58\u50a8\u7cfb\u7edf\u3002IBM SVC\u662f\u4e00\u5957\u865a\u62df\u5316\u5b58\u50a8\u7cfb\u7edf\uff1bStorwize\u662f\u4e00\u5957\u4e13\u4e3a\u4e2d\u5c0f\u578b\u4f01\u4e1a\u5b9a\u5236\u7684\u78c1\u76d8\u5b58\u50a8\u7cfb\u7edf\uff1bSpectrum Virtualize\u662f\u4e00\u5957\u5149\u8c31\u5b58\u50a8\u7cfb\u7edf\uff1bFlashSystem\u662f\u4e00\u5957\u5168\u95ea\u5b58\u5b58\u50a8\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eIBM\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u7cfb\u7edf\u6587\u4ef6\uff08\u90e8\u5206\u6587\u4ef6\u542b\u6709\u8d26\u6237\u51ed\u8bc1\uff09\u3002\r\n\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eIBM\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-11110\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"IBM SAN Volume Controller 7.3",
"IBM SAN Volume Controller 7.4",
"IBM SAN Volume Controller 7.5",
"IBM SAN Volume Controller 7.6",
"IBM SAN Volume Controller 7.6.1",
"IBM SAN Volume Controller 7.7",
"IBM SAN Volume Controller 7.7.1",
"IBM SAN Volume Controller 7.8",
"IBM SAN Volume Controller 7.8.1",
"IBM SAN Volume Controller 8.1",
"IBM SAN Volume Controller 8.1.1",
"IBM Storwize 6.1",
"IBM Storwize 6.2",
"IBM Storwize 6.3",
"IBM Storwize 6.4",
"IBM Storwize 7.1",
"IBM Storwize 7.2",
"IBM Storwize 7.3",
"IBM Storwize 7.4",
"IBM Storwize 7.5",
"IBM Storwize 7.6",
"IBM Storwize 7.6.1",
"IBM Storwize 7.7",
"IBM Storwize 7.7.1",
"IBM Storwize 7.8",
"IBM Storwize 7.8.1",
"IBM Storwize 8.1",
"IBM Storwize 8.1.1",
"IBM Spectrum Virtualize 6.1",
"IBM Spectrum Virtualize 6.2",
"IBM Spectrum Virtualize 6.3",
"IBM Spectrum Virtualize 6.4",
"IBM Spectrum Virtualize 7.1",
"IBM Spectrum Virtualize 7.2",
"IBM Spectrum Virtualize 7.3",
"IBM Spectrum Virtualize 7.4",
"IBM Spectrum Virtualize 7.5",
"IBM Spectrum Virtualize 7.6",
"IBM Spectrum Virtualize 7.6.1",
"IBM Spectrum Virtualize 7.7",
"IBM Spectrum Virtualize 7.7.1",
"IBM Spectrum Virtualize 7.8",
"IBM Spectrum Virtualize 7.8.1",
"IBM Spectrum Virtualize 8.1",
"IBM Spectrum Virtualize 8.1.1",
"IBM FlashSystem 6.1",
"IBM FlashSystem 6.2",
"IBM FlashSystem 6.3",
"IBM FlashSystem 6.4",
"IBM FlashSystem 7.1",
"IBM FlashSystem 7.2",
"IBM FlashSystem 7.3",
"IBM FlashSystem 7.4",
"IBM FlashSystem 7.5",
"IBM FlashSystem 7.6",
"IBM FlashSystem 7.6.1",
"IBM FlashSystem 7.7",
"IBM FlashSystem 7.7.1",
"IBM FlashSystem 7.8",
"IBM FlashSystem 7.8.1",
"IBM FlashSystem 8.1",
"IBM FlashSystem 8.1.1",
"IBM SAN Volume Controller 6.1",
"IBM SAN Volume Controller 6.2",
"IBM SAN Volume Controller 6.3",
"IBM SAN Volume Controller 6.4",
"IBM SAN Volume Controller 7.1",
"IBM SAN Volume Controller 7.2"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-1463\r\nhttps://www.securityfocus.com/bid/104349",
"serverity": "\u9ad8",
"submitTime": "2018-05-18",
"title": "\u591a\u6b3eIBM\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-11110\uff09"
}
CVE-2018-1463 (GCVE-0-2018-1463)
Vulnerability from cvelistv5
Published
2018-05-17 21:00
Modified
2024-09-16 16:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104349 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/140368 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 | x_refsource_CONFIRM | |
| http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | IBM | Storwize V5000 |
Version: 7.1 Version: 7.5 Version: 7.6 Version: 7.6.1 Version: 7.7 Version: 7.7.1 Version: 7.8 Version: 7.8.1 Version: 8.1 Version: 6.1 Version: 6.2 Version: 6.3 Version: 6.4 Version: 7.2 Version: 7.3 Version: 7.4 Version: 8.1.1 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181463-info-disc(140368)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181463-info-disc(140368)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "ibm-storwize-cve20181463-info-disc(140368)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1463",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T16:52:50.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…