{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) son vulnerables a Cross-Site Request Forgery (CSRF), lo que podr\u00eda permitir que un atacante ejecute acciones maliciosas no autorizadas transmitidas de un usuario en el que conf\u00eda el sitio web. IBM X-Force ID: 139474."
    }
  ],
  "id": "CVE-2018-1434",
  "lastModified": "2024-11-21T03:59:48.820",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.323",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podr\u00eda dar lugar a una revelaci\u00f3n de credenciales en una sesi\u00f3n de confianza. IBM X-Force ID: 140362."
    }
  ],
  "id": "CVE-2018-1461",
  "lastModified": "2024-11-21T03:59:51.940",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.433",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado acceda a archivos del sistema a los que no deber\u00eda tener acceso, algunos de los cuales podr\u00edan contener credenciales de cuenta. IBM X-Force ID: 140368."
    }
  ],
  "id": "CVE-2018-1463",
  "lastModified": "2024-11-21T03:59:52.310",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.540",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473."
    },
    {
      "lang": "es",
      "value": "En los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1), web handler /DownloadFile no requiere autenticaci\u00f3n para leer archivos arbitrarios del sistema. IBM X-Force ID: 139473."
    }
  ],
  "id": "CVE-2018-1433",
  "lastModified": "2024-11-21T03:59:48.683",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.243",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado acceda a archivos del sistema a los que no deber\u00eda tener acceso, incluyendo la eliminaci\u00f3n de archivos o provocar una denegaci\u00f3n de servicio (DoS). IBM X-Force ID: 140363."
    }
  ],
  "id": "CVE-2018-1462",
  "lastModified": "2024-11-21T03:59:52.127",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.493",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566."
    },
    {
      "lang": "es",
      "value": "En los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1), web handler /DLSnap podr\u00eda permitir que un atacante no autenticado lea archivos arbitrarios del sistema. IBM X-Force ID: 139566."
    }
  ],
  "id": "CVE-2018-1438",
  "lastModified": "2024-11-21T03:59:49.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.387",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) emplean algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir que un atacante descifre informaci\u00f3n altamente sensible. IBM X-Force ID: 140397."
    }
  ],
  "id": "CVE-2018-1466",
  "lastModified": "2024-11-21T03:59:52.847",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.713",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-326"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado obtenga informaci\u00f3n sensible que no podr\u00eda leer por no tener la autorizaci\u00f3n para ello. IBM X-Force ID: 140395."
    }
  ],
  "id": "CVE-2018-1464",
  "lastModified": "2024-11-21T03:59:52.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.603",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E",
              "versionEndExcluding": "7.5.0.14",
              "versionStartIncluding": "6.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769",
              "versionEndExcluding": "7.7.1.9",
              "versionStartIncluding": "7.7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0",
              "versionEndExcluding": "7.8.1.6",
              "versionStartIncluding": "7.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700",
              "versionEndExcluding": "8.1.1.2",
              "versionStartIncluding": "8.1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95",
              "versionEndExcluding": "8.1.2.1",
              "versionStartIncluding": "8.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."
    },
    {
      "lang": "es",
      "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado obtenga la clave privada que podr\u00eda posibilitar la interceptaci\u00f3n de comunicaciones en la interfaz gr\u00e1fica de usuario. IBM X-Force ID: 140396."
    }
  ],
  "id": "CVE-2018-1465",
  "lastModified": "2024-11-21T03:59:52.673",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T21:29:00.650",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.134Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-storwize-cve20181462-dos(140363)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-storwize-cve20181462-dos(140363)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1462",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-storwize-cve20181462-dos(140363)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140363"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1462",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-17T01:51:33.890Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.074Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-storwize-cve20181433-file-download(139473)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-storwize-cve20181433-file-download(139473)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2018-1433",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-storwize-cve20181433-file-download(139473)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139473"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1433",
    "datePublished": "2018-05-17T21:00:00",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-08-05T03:59:39.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.232Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "name": "ibm-storwize-cve20181463-info-disc(140368)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "name": "ibm-storwize-cve20181463-info-disc(140368)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1463",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "ibm-storwize-cve20181463-info-disc(140368)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140368"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1463",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-16T16:52:50.494Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-storwize-cve20181466-info-disc(140397)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-storwize-cve20181466-info-disc(140397)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1466",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-storwize-cve20181466-info-disc(140397)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1466",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-16T17:03:03.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-storwize-cve20181438-info-disc(139566)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-storwize-cve20181438-info-disc(139566)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2018-1438",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-storwize-cve20181438-info-disc(139566)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139566"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1438",
    "datePublished": "2018-05-17T21:00:00",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-08-05T03:59:39.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.245Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-storwize-cve20181464-info-disc(140395)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-storwize-cve20181464-info-disc(140395)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1464",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-storwize-cve20181464-info-disc(140395)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140395"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1464",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-16T20:17:34.402Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "ibm-storwize-cve20181434-csrf(139474)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "ibm-storwize-cve20181434-csrf(139474)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "ibm-storwize-cve20181434-csrf(139474)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139474"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1434",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-17T02:11:40.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.071Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "name": "ibm-storwize-cve20181465-info-disc(140396)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "name": "ibm-storwize-cve20181465-info-disc(140396)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1465",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "ibm-storwize-cve20181465-info-disc(140396)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1465",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-16T18:14:09.942Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:39.050Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-storwize-cve20181461-xss(140362)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
          },
          {
            "name": "104349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104349"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Spectrum Virtualize Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V5000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3500",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V7000 (2076)",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "1.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "Storwize V3700",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "FlashSystem V9000",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        },
        {
          "product": "SAN Volume Controller",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            }
          ]
        },
        {
          "product": "Spectrum Virtualize for Public Cloud",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            },
            {
              "status": "affected",
              "version": "7.6"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.7"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.8"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "status": "affected",
              "version": "7.1"
            },
            {
              "status": "affected",
              "version": "7.2"
            },
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.4"
            },
            {
              "status": "affected",
              "version": "8.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-Site Scripting",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-04T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-storwize-cve20181461-xss(140362)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
        },
        {
          "name": "104349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104349"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-05-14T00:00:00",
          "ID": "CVE-2018-1461",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Spectrum Virtualize Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V5000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V7000 (2076)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "1.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Storwize V3700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FlashSystem V9000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAN Volume Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Spectrum Virtualize for Public Cloud",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.5"
                          },
                          {
                            "version_value": "7.6"
                          },
                          {
                            "version_value": "7.6.1"
                          },
                          {
                            "version_value": "7.7"
                          },
                          {
                            "version_value": "7.7.1"
                          },
                          {
                            "version_value": "7.8"
                          },
                          {
                            "version_value": "7.8.1"
                          },
                          {
                            "version_value": "8.1"
                          },
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.2"
                          },
                          {
                            "version_value": "6.3"
                          },
                          {
                            "version_value": "6.4"
                          },
                          {
                            "version_value": "7.1"
                          },
                          {
                            "version_value": "7.2"
                          },
                          {
                            "version_value": "7.3"
                          },
                          {
                            "version_value": "7.4"
                          },
                          {
                            "version_value": "8.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-Site Scripting"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-storwize-cve20181461-xss(140362)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140362"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
            },
            {
              "name": "104349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104349"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1461",
    "datePublished": "2018-05-17T21:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-16T20:27:43.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}