Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CNVD-2018-11113
Vulnerability from cnvd - Published: 2018-06-08
VLAI Severity ?
Title
多款IBM产品信息泄露漏洞(CNVD-2018-11113)
Description
IBM SAN Volume Controller(SVC)等都是美国IBM公司的存储系统。IBM SVC是一套虚拟化存储系统;Storwize是一套专为中小型企业定制的磁盘存储系统;Spectrum Virtualize是一套光谱存储系统;FlashSystem是一套全闪存存储系统。
多款IBM产品中存在安全漏洞,该漏洞源于程序使用了较弱的加密算法。攻击者可利用该漏洞解密敏感信息。
Severity
中
Patch Name
多款IBM产品信息泄露漏洞(CNVD-2018-11113)的补丁
Patch Description
IBM SAN Volume Controller(SVC)等都是美国IBM公司的存储系统。IBM SVC是一套虚拟化存储系统;Storwize是一套专为中小型企业定制的磁盘存储系统;Spectrum Virtualize是一套光谱存储系统;FlashSystem是一套全闪存存储系统。
多款IBM产品中存在安全漏洞,该漏洞源于程序使用了较弱的加密算法。攻击者可利用该漏洞解密敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布漏洞修复程序,请及时关注更新: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012263; http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012282; http://www-01.ibm.com/support/docview.wss?uid=ssg1S1012283
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-1466
https://www.securityfocus.com/bid/104349
Impacted products
| Name | ['IBM System Storage SAN Volume Controller 6.3', 'IBM System Storage SAN Volume Controller 6.4', 'IBM System Storage SAN Volume Controller 7.1', 'IBM System Storage SAN Volume Controller 7.2', 'IBM System Storage SAN Volume Controller 6.1', 'IBM System Storage SAN Volume Controller 6.2', 'IBM SAN Volume Controller 7.3', 'IBM SAN Volume Controller 7.4', 'IBM SAN Volume Controller 7.5', 'IBM SAN Volume Controller 7.6', 'IBM SAN Volume Controller 7.6.1', 'IBM SAN Volume Controller 7.7', 'IBM SAN Volume Controller 7.7.1', 'IBM SAN Volume Controller 7.8', 'IBM SAN Volume Controller 7.8.1', 'IBM SAN Volume Controller 8.1', 'IBM SAN Volume Controller 8.1.1', 'IBM Storwize 6.1', 'IBM Storwize 6.2', 'IBM Storwize 6.3', 'IBM Storwize 6.4', 'IBM Storwize 7.1', 'IBM Storwize 7.2', 'IBM Storwize 7.3', 'IBM Storwize 7.4', 'IBM Storwize 7.5', 'IBM Storwize 7.6', 'IBM Storwize 7.6.1', 'IBM Storwize 7.7', 'IBM Storwize 7.7.1', 'IBM Storwize 7.8', 'IBM Storwize 7.8.1', 'IBM Storwize 8.1', 'IBM Storwize 8.1.1', 'IBM Spectrum Virtualize 6.1', 'IBM Spectrum Virtualize 6.2', 'IBM Spectrum Virtualize 6.3', 'IBM Spectrum Virtualize 6.4', 'IBM Spectrum Virtualize 7.1', 'IBM Spectrum Virtualize 7.2', 'IBM Spectrum Virtualize 7.3', 'IBM Spectrum Virtualize 7.4', 'IBM Spectrum Virtualize 7.5', 'IBM Spectrum Virtualize 7.6', 'IBM Spectrum Virtualize 7.6.1', 'IBM Spectrum Virtualize 7.7', 'IBM Spectrum Virtualize 7.7.1', 'IBM Spectrum Virtualize 7.8', 'IBM Spectrum Virtualize 7.8.1', 'IBM Spectrum Virtualize 8.1', 'IBM Spectrum Virtualize 8.1.1', 'IBM FlashSystem 6.1', 'IBM FlashSystem 6.2', 'IBM FlashSystem 6.3', 'IBM FlashSystem 6.4', 'IBM FlashSystem 7.1', 'IBM FlashSystem 7.2', 'IBM FlashSystem 7.3', 'IBM FlashSystem 7.4', 'IBM FlashSystem 7.5', 'IBM FlashSystem 7.6', 'IBM FlashSystem 7.6.1', 'IBM FlashSystem 7.7', 'IBM FlashSystem 7.7.1', 'IBM FlashSystem 7.8', 'IBM FlashSystem 7.8.1', 'IBM FlashSystem 8.1', 'IBM FlashSystem 8.1.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-1466"
}
},
"description": "IBM SAN Volume Controller\uff08SVC\uff09\u7b49\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u5b58\u50a8\u7cfb\u7edf\u3002IBM SVC\u662f\u4e00\u5957\u865a\u62df\u5316\u5b58\u50a8\u7cfb\u7edf\uff1bStorwize\u662f\u4e00\u5957\u4e13\u4e3a\u4e2d\u5c0f\u578b\u4f01\u4e1a\u5b9a\u5236\u7684\u78c1\u76d8\u5b58\u50a8\u7cfb\u7edf\uff1bSpectrum Virtualize\u662f\u4e00\u5957\u5149\u8c31\u5b58\u50a8\u7cfb\u7edf\uff1bFlashSystem\u662f\u4e00\u5957\u5168\u95ea\u5b58\u5b58\u50a8\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eIBM\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e86\u8f83\u5f31\u7684\u52a0\u5bc6\u7b97\u6cd5\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u654f\u611f\u4fe1\u606f\u3002",
"discovererName": "Jan Bee, and Sebastian Neuner",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1012263\uff1b\r\nhttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1012282\uff1b\r\nhttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1012283",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-11113",
"openTime": "2018-06-08",
"patchDescription": "IBM SAN Volume Controller\uff08SVC\uff09\u7b49\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u5b58\u50a8\u7cfb\u7edf\u3002IBM SVC\u662f\u4e00\u5957\u865a\u62df\u5316\u5b58\u50a8\u7cfb\u7edf\uff1bStorwize\u662f\u4e00\u5957\u4e13\u4e3a\u4e2d\u5c0f\u578b\u4f01\u4e1a\u5b9a\u5236\u7684\u78c1\u76d8\u5b58\u50a8\u7cfb\u7edf\uff1bSpectrum Virtualize\u662f\u4e00\u5957\u5149\u8c31\u5b58\u50a8\u7cfb\u7edf\uff1bFlashSystem\u662f\u4e00\u5957\u5168\u95ea\u5b58\u5b58\u50a8\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eIBM\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e86\u8f83\u5f31\u7684\u52a0\u5bc6\u7b97\u6cd5\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u89e3\u5bc6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eIBM\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-11113\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"IBM System Storage SAN Volume Controller 6.3",
"IBM System Storage SAN Volume Controller 6.4",
"IBM System Storage SAN Volume Controller 7.1",
"IBM System Storage SAN Volume Controller 7.2",
"IBM System Storage SAN Volume Controller 6.1",
"IBM System Storage SAN Volume Controller 6.2",
"IBM SAN Volume Controller 7.3",
"IBM SAN Volume Controller 7.4",
"IBM SAN Volume Controller 7.5",
"IBM SAN Volume Controller 7.6",
"IBM SAN Volume Controller 7.6.1",
"IBM SAN Volume Controller 7.7",
"IBM SAN Volume Controller 7.7.1",
"IBM SAN Volume Controller 7.8",
"IBM SAN Volume Controller 7.8.1",
"IBM SAN Volume Controller 8.1",
"IBM SAN Volume Controller 8.1.1",
"IBM Storwize 6.1",
"IBM Storwize 6.2",
"IBM Storwize 6.3",
"IBM Storwize 6.4",
"IBM Storwize 7.1",
"IBM Storwize 7.2",
"IBM Storwize 7.3",
"IBM Storwize 7.4",
"IBM Storwize 7.5",
"IBM Storwize 7.6",
"IBM Storwize 7.6.1",
"IBM Storwize 7.7",
"IBM Storwize 7.7.1",
"IBM Storwize 7.8",
"IBM Storwize 7.8.1",
"IBM Storwize 8.1",
"IBM Storwize 8.1.1",
"IBM Spectrum Virtualize 6.1",
"IBM Spectrum Virtualize 6.2",
"IBM Spectrum Virtualize 6.3",
"IBM Spectrum Virtualize 6.4",
"IBM Spectrum Virtualize 7.1",
"IBM Spectrum Virtualize 7.2",
"IBM Spectrum Virtualize 7.3",
"IBM Spectrum Virtualize 7.4",
"IBM Spectrum Virtualize 7.5",
"IBM Spectrum Virtualize 7.6",
"IBM Spectrum Virtualize 7.6.1",
"IBM Spectrum Virtualize 7.7",
"IBM Spectrum Virtualize 7.7.1",
"IBM Spectrum Virtualize 7.8",
"IBM Spectrum Virtualize 7.8.1",
"IBM Spectrum Virtualize 8.1",
"IBM Spectrum Virtualize 8.1.1",
"IBM FlashSystem 6.1",
"IBM FlashSystem 6.2",
"IBM FlashSystem 6.3",
"IBM FlashSystem 6.4",
"IBM FlashSystem 7.1",
"IBM FlashSystem 7.2",
"IBM FlashSystem 7.3",
"IBM FlashSystem 7.4",
"IBM FlashSystem 7.5",
"IBM FlashSystem 7.6",
"IBM FlashSystem 7.6.1",
"IBM FlashSystem 7.7",
"IBM FlashSystem 7.7.1",
"IBM FlashSystem 7.8",
"IBM FlashSystem 7.8.1",
"IBM FlashSystem 8.1",
"IBM FlashSystem 8.1.1"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-1466\r\nhttps://www.securityfocus.com/bid/104349",
"serverity": "\u4e2d",
"submitTime": "2018-05-18",
"title": "\u591a\u6b3eIBM\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-11113\uff09"
}
CVE-2018-1466 (GCVE-0-2018-1466)
Vulnerability from cvelistv5 – Published: 2018-05-17 21:00 – Updated: 2024-09-16 17:03
VLAI?
EPSS
Summary
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| IBM | SAN Volume Controller |
Affected:
6.1
Affected: 6.2 Affected: 6.3 Affected: 6.4 Affected: 7.1 Affected: 7.5 Affected: 7.6 Affected: 7.6.1 Affected: 7.7 Affected: 7.7.1 Affected: 7.8 Affected: 7.8.1 Affected: 8.1 |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-storwize-cve20181466-info-disc(140397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAN Volume Controller",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
}
]
},
{
"product": "Storwize V5000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize Software",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V7000 (2076)",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3700",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Storwize V3500",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "FlashSystem V9000",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
},
{
"product": "Spectrum Virtualize for Public Cloud",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.6"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.7"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "8.1.1"
}
]
}
],
"datePublic": "2018-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-04T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-storwize-cve20181466-info-disc(140397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-05-14T00:00:00",
"ID": "CVE-2018-1466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAN Volume Controller",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
}
]
}
},
{
"product_name": "Storwize V5000",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize Software",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V7000 (2076)",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "1.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3700",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "6.4"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Storwize V3500",
"version": {
"version_data": [
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "FlashSystem V9000",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
},
{
"product_name": "Spectrum Virtualize for Public Cloud",
"version": {
"version_data": [
{
"version_value": "7.5"
},
{
"version_value": "7.6"
},
{
"version_value": "7.6.1"
},
{
"version_value": "7.7"
},
{
"version_value": "7.7.1"
},
{
"version_value": "7.8"
},
{
"version_value": "7.8.1"
},
{
"version_value": "8.1"
},
{
"version_value": "6.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.3"
},
{
"version_value": "6.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.2"
},
{
"version_value": "7.3"
},
{
"version_value": "7.4"
},
{
"version_value": "8.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-storwize-cve20181466-info-disc(140397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140397"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"
},
{
"name": "104349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104349"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1466",
"datePublished": "2018-05-17T21:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-16T17:03:03.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…