CVE-2018-1775
6.5
CVSS:3.0/A:N/AC:L/AV:N/C:H/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:T
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | torwize V7000 | 7.5 | affected |
| IBM | torwize V7000 | 8.2 | affected |
| IBM | torwize V3500 | 7.5 | affected |
| IBM | torwize V3500 | 8.2 | affected |
| IBM | torwize V3700 | 7.5 | affected |
| IBM | torwize V3700 | 8.2 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 7.5 | affected |
| IBM | Spectrum Virtualize for Public Cloud | 8.2 | affected |
| IBM | Spectrum Virtualize Software | 7.5 | affected |
| IBM | Spectrum Virtualize Software | 8.2 | affected |
| IBM | SAN Volume Controller | 7.5 | affected |
| IBM | SAN Volume Controller | 8.2 | affected |
| IBM | FlashSystem V9000 | 7.5 | affected |
| IBM | FlashSystem V9000 | 8.2 | affected |
| IBM | torwize V5000 | 7.5 | affected |
| IBM | torwize V5000 | 8.2 | affected |
| IBM | FlashSystem 9100 Family | 7.5 | affected |
| IBM | FlashSystem 9100 Family | 8.2 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/107187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148757
- https://www.ibm.com/support/docview.wss?uid=ibm10872486
References
- http://www.securityfocus.com/bid/107187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148757
- https://www.ibm.com/support/docview.wss?uid=ibm10872486
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.