CVE-2018-1466
N/A
N/A
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | SAN Volume Controller | 6.1 | affected |
| IBM | SAN Volume Controller | 6.2 | affected |
| IBM | SAN Volume Controller | 6.3 | affected |
| IBM | SAN Volume Controller | 6.4 | affected |
| IBM | SAN Volume Controller | 7.1 | affected |
| IBM | SAN Volume Controller | 7.5 | affected |
| IBM | SAN Volume Controller | 7.6 | affected |
| IBM | SAN Volume Controller | 7.6.1 | affected |
| IBM | SAN Volume Controller | 7.7 | affected |
| IBM | SAN Volume Controller | 7.7.1 | affected |
| IBM | SAN Volume Controller | 7.8 | affected |
| IBM | SAN Volume Controller | 7.8.1 | affected |
| IBM | SAN Volume Controller | 8.1 | affected |
| IBM | Storwize V5000 | 7.1 | affected |
| IBM | Storwize V5000 | 7.5 | affected |
| IBM | Storwize V5000 | 7.6 | affected |
| IBM | Storwize V5000 | 7.6.1 | affected |
| IBM | Storwize V5000 | 7.7 | affected |
| IBM | Storwize V5000 | 7.7.1 | affected |
| IBM | Storwize V5000 | 7.8 | affected |
| IBM | Storwize V5000 | 7.8.1 | affected |
| IBM | Storwize V5000 | 8.1 | affected |
| IBM | Storwize V5000 | 6.1 | affected |
| IBM | Storwize V5000 | 6.2 | affected |
| IBM | Storwize V5000 | 6.3 | affected |
| IBM | Storwize V5000 | 6.4 | affected |
| IBM | Storwize V5000 | 7.2 | affected |
| IBM | Storwize V5000 | 7.3 | affected |
| IBM | Storwize V5000 | 7.4 | affected |
| IBM | Storwize V5000 | 8.1.1 | affected |
| IBM | Spectrum Virtualize Software | 7.5 | affected |
| IBM | Spectrum Virtualize Software | 7.6 | affected |
| IBM | Spectrum Virtualize Software | 7.6.1 | affected |
| IBM | Spectrum Virtualize Software | 7.7 | affected |
| IBM | Spectrum Virtualize Software | 7.7.1 | affected |
| IBM | Spectrum Virtualize Software | 7.8 | affected |
| IBM | Spectrum Virtualize Software | 7.8.1 | affected |
| IBM | Spectrum Virtualize Software | 8.1 | affected |
| IBM | Spectrum Virtualize Software | 6.1 | affected |
| IBM | Spectrum Virtualize Software | 6.2 | affected |
| IBM | Spectrum Virtualize Software | 6.3 | affected |
| IBM | Spectrum Virtualize Software | 6.4 | affected |
| IBM | Spectrum Virtualize Software | 7.1 | affected |
| IBM | Spectrum Virtualize Software | 7.2 | affected |
| IBM | Spectrum Virtualize Software | 7.3 | affected |
| IBM | Spectrum Virtualize Software | 7.4 | affected |
| IBM | Spectrum Virtualize Software | 8.1.1 | affected |
| IBM | Storwize V7000 (2076) | 6.1 | affected |
| IBM | Storwize V7000 (2076) | 6.2 | affected |
| IBM | Storwize V7000 (2076) | 6.3 | affected |
| IBM | Storwize V7000 (2076) | 6.4 | affected |
| IBM | Storwize V7000 (2076) | 7.1 | affected |
| IBM | Storwize V7000 (2076) | 7.2 | affected |
| IBM | Storwize V7000 (2076) | 7.3 | affected |
| IBM | Storwize V7000 (2076) | 7.4 | affected |
| IBM | Storwize V7000 (2076) | 1.1 | affected |
| IBM | Storwize V7000 (2076) | 7.5 | affected |
| IBM | Storwize V7000 (2076) | 7.6 | affected |
| IBM | Storwize V7000 (2076) | 7.6.1 | affected |
| IBM | Storwize V7000 (2076) | 7.7 | affected |
| IBM | Storwize V7000 (2076) | 7.7.1 | affected |
| IBM | Storwize V7000 (2076) | 7.8 | affected |
| IBM | Storwize V7000 (2076) | 7.8.1 | affected |
| IBM | Storwize V7000 (2076) | 8.1 | affected |
| IBM | Storwize V7000 (2076) | 8.1.1 | affected |
| IBM | Storwize V3700 | 7.1 | affected |
| IBM | Storwize V3700 | 6.4 | affected |
| IBM | Storwize V3700 | 7.5 | affected |
| IBM | Storwize V3700 | 7.6 | affected |
| IBM | Storwize V3700 | 7.6.1 | affected |
| IBM | Storwize V3700 | 7.7 | affected |
| IBM | Storwize V3700 | 7.7.1 | affected |
| IBM | Storwize V3700 | 7.8 | affected |
| IBM | Storwize V3700 | 7.8.1 | affected |
| IBM | Storwize V3700 | 8.1 | affected |
| IBM | Storwize V3700 | 6.1 | affected |
| IBM | Storwize V3700 | 6.2 | affected |
| IBM | Storwize V3700 | 6.3 | affected |
| IBM | Storwize V3700 | 7.2 | affected |
| IBM | Storwize V3700 | 7.3 | affected |
| IBM | Storwize V3700 | 7.4 | affected |
| IBM | Storwize V3700 | 8.1.1 | affected |
| IBM | Storwize V3500 | 6.4 | affected |
| IBM | Storwize V3500 | 7.1 | affected |
| IBM | Storwize V3500 | 7.5 | affected |
| IBM | Storwize V3500 | 7.6 | affected |
| IBM | Storwize V3500 | 7.6.1 | affected |
| IBM | Storwize V3500 | 7.7 | affected |
| IBM | Storwize V3500 | 7.7.1 | affected |
| IBM | Storwize V3500 | 7.8 | affected |
| IBM | Storwize V3500 | 7.8.1 | affected |
| IBM | Storwize V3500 | 8.1 | affected |
| IBM | Storwize V3500 | 6.1 | affected |
| IBM | Storwize V3500 | 6.2 | affected |
| IBM | Storwize V3500 | 6.3 | affected |
| IBM | Storwize V3500 | 7.2 | affected |
| IBM | Storwize V3500 | 7.3 | affected |
| IBM | Storwize V3500 | 7.4 | affected |
| IBM | Storwize V3500 | 8.1.1 | affected |
| IBM | FlashSystem V9000 | 7.5 | affected |
| IBM | FlashSystem V9000 | 7.6 | affected |
| IBM | FlashSystem V9000 | 7.6.1 | affected |
| IBM | FlashSystem V9000 | 7.7 | affected |
| IBM | FlashSystem V9000 | 7.7.1 | affected |
| IBM | FlashSystem V9000 | 7.8 | affected |
| IBM | FlashSystem V9000 | 7.8.1 | affected |
| IBM | FlashSystem V9000 | 8.1 | affected |
| IBM | FlashSystem V9000 | 6.1 | affected |
| IBM | FlashSystem V9000 | 6.2 | affected |
| IBM | FlashSystem V9000 | 6.3 | affected |
| IBM | FlashSystem V9000 | 6.4 | affected |
| IBM | FlashSystem V9000 | 7.1 | affected |
| IBM | FlashSystem V9000 | 7.2 | affected |
| IBM | FlashSystem V9000 | 7.3 | affected |
| IBM | FlashSystem V9000 | 7.4 | affected |
| IBM | FlashSystem V9000 | 8.1.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.5 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.6 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.6.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.7 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.7.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.8 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.8.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 8.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 6.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 6.2 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 6.3 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 6.4 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.1 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.2 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.3 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.4 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 8.1.1 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/140397
- http://www.ibm.com/support/docview.wss?uid=ssg1S1012282
- http://www.securityfocus.com/bid/104349
- http://www.ibm.com/support/docview.wss?uid=ssg1S1012263
- http://www.ibm.com/support/docview.wss?uid=ssg1S1012283
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/140397
- http://www.ibm.com/support/docview.wss?uid=ssg1S1012282
- http://www.securityfocus.com/bid/104349
- http://www.ibm.com/support/docview.wss?uid=ssg1S1012263
- http://www.ibm.com/support/docview.wss?uid=ssg1S1012283
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.