CVE-2018-1775

Summary

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757.

Affected Software

VendorProductVersion RangeStatus
IBMtorwize V70007.5affected
IBMtorwize V70008.2affected
IBMtorwize V35007.5affected
IBMtorwize V35008.2affected
IBMtorwize V37007.5affected
IBMtorwize V37008.2affected
IBMSpectrum Virtualize for Public Cloud7.5affected
IBMSpectrum Virtualize for Public Cloud8.2affected
IBMSpectrum Virtualize Software7.5affected
IBMSpectrum Virtualize Software8.2affected
IBMSAN Volume Controller7.5affected
IBMSAN Volume Controller8.2affected
IBMFlashSystem V90007.5affected
IBMFlashSystem V90008.2affected
IBMtorwize V50007.5affected
IBMtorwize V50008.2affected
IBMFlashSystem 9100 Family7.5affected
IBMFlashSystem 9100 Family8.2affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References