fkie_nvd - fkie_cve-2014-4811

fkie_cve-2014-4811

Vulnerability from fkie_nvd

Published

2014-09-12 01:55

Modified

2024-11-21 02:10

Severity ?

Summary

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

References

URL	Tags
psirt@us.ibm.com	http://secunia.com/advisories/61075
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=ssg1S1004846	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/69771
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/95387
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61075
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=ssg1S1004846	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/69771
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/95387

Impacted products

Vendor	Product	Version
ibm	san_volume_controller_software	6.1.0.0
ibm	san_volume_controller_software	6.1.0.1
ibm	san_volume_controller_software	6.1.0.2
ibm	san_volume_controller_software	6.1.0.3
ibm	san_volume_controller_software	6.1.0.4
ibm	san_volume_controller_software	6.1.0.5
ibm	san_volume_controller_software	6.1.0.6
ibm	san_volume_controller_software	6.1.0.7
ibm	san_volume_controller_software	6.1.0.8
ibm	san_volume_controller_software	6.1.0.9
ibm	san_volume_controller_software	6.1.0.10
ibm	san_volume_controller_software	6.2.0.0
ibm	san_volume_controller_software	6.2.0.1
ibm	san_volume_controller_software	6.2.0.2
ibm	san_volume_controller_software	6.2.0.3
ibm	san_volume_controller_software	6.2.0.4
ibm	san_volume_controller_software	6.2.0.5
ibm	san_volume_controller_software	6.2.0.6
ibm	san_volume_controller_software	6.3.0.0
ibm	san_volume_controller_software	6.3.0.1
ibm	san_volume_controller_software	6.3.0.2
ibm	san_volume_controller_software	6.3.0.3
ibm	san_volume_controller_software	6.3.0.4
ibm	san_volume_controller_software	6.3.0.5
ibm	san_volume_controller_software	6.3.0.6
ibm	san_volume_controller_software	6.3.0.7
ibm	san_volume_controller_software	6.4.0.0
ibm	san_volume_controller_software	6.4.0.1
ibm	san_volume_controller_software	6.4.0.2
ibm	san_volume_controller_software	6.4.0.3
ibm	san_volume_controller_software	6.4.0.4
ibm	san_volume_controller_software	6.4.1.1
ibm	san_volume_controller_software	6.4.1.2
ibm	san_volume_controller_software	6.4.1.3
ibm	san_volume_controller_software	6.4.1.4
ibm	san_volume_controller_software	6.4.1.5
ibm	san_volume_controller_software	6.4.1.6
ibm	san_volume_controller_software	6.4.1.7
ibm	san_volume_controller_software	6.4.1.8
ibm	san_volume_controller_software	7.1.0.0
ibm	san_volume_controller_software	7.1.0.1
ibm	san_volume_controller_software	7.1.0.2
ibm	san_volume_controller_software	7.1.0.3
ibm	san_volume_controller_software	7.1.0.5
ibm	san_volume_controller_software	7.1.0.6
ibm	san_volume_controller_software	7.1.0.7
ibm	san_volume_controller_software	7.2.0.0
ibm	san_volume_controller_software	7.2.0.1
ibm	san_volume_controller_software	7.2.0.2
ibm	san_volume_controller_software	7.2.0.3
ibm	san_volume_controller_software	7.2.0.4
ibm	san_volume_controller_software	7.2.0.5
ibm	san_volume_controller_software	7.2.0.6
ibm	san_volume_controller_software	7.2.0.7
ibm	storwize_v3500	-
ibm	storwize_v3700	-
ibm	storwize_v5000	-
ibm	storwize_v7000	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E2689BD-29E9-43DE-9B1A-BEC7DB7AA7BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1EB415E-0E3F-4CB7-A565-BEDBA1F2767C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "09583A2A-17B3-45BB-8407-807B520B1116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "904E3322-AE92-4E5B-9113-38EB13AD4A6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "55915790-FF4F-413F-86F3-17E555EC4111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA23490B-9247-43AD-8DE0-1540331C9865",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D38B4F8A-ACC9-4E6D-9AD0-5D6FB63FAC72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B6FC5F1-7632-4769-9773-E884BCD473BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B8A601-8794-4170-BE36-9C5488C08C4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D2F36C9-3FE9-4A9F-81B0-5C8F201B76A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7224320E-0576-45DA-A5B6-49C5E6905603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A591634C-4D3C-4EFF-AE9B-F40B418801DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD597E3C-7F69-46A8-B26C-420360803ED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "62626CC1-07A1-4932-A1FF-769B62AE0F16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE906283-5CEA-496F-B402-A1BC107E6014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0328A41B-30D1-4257-958B-BF6B26B63BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C0724F-1E90-4CB7-9874-6CDC64542965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FAB607A-537A-4F9C-91BB-7E8FFAF3763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024793B5-0283-4C7E-8D5C-13963FA48E95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC6309B7-DCDD-409A-8CB2-31E8EA9CD2D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57A82C4A-74AD-4E7C-9DE4-D865B85AF681",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B74E59F-9B31-4FE8-93A8-C6AE55AC6F8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BCE28A3-4299-465F-9345-4DBE2F3C5AB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2531B05-9CBB-4544-A469-1205BDB81230",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BDEB64-3841-4FA7-B20A-59BA87CD1AFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D3F5E-72BB-4DED-AD7F-AAB5D8D62775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7289C8-2996-4AAF-A4CA-FAAC9E43A3CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2FEBA6-0C2D-4348-8E42-BBB149C671A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF4647B1-E9CD-4CD3-A8D8-F094F85FFA4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8587A38-B9B8-41A8-A1FE-85C48AE02118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "57FE10E8-378E-4EE4-ABBE-1CD3ADE1A81C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9E2D8C-4DFF-4A49-A791-97052E3F7977",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D64878E-DA62-4832-9788-3447D1BDD085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B88F8FF9-1786-4D9A-B6F8-5AA31943EDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC8E4B98-E236-440A-BCD8-3BCE7DBAC9C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C9303A-DBE7-4E35-9B31-5B68261C1D7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4729D5AE-8FE4-433B-8A6D-B5910CDA097F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B9469F3-1A77-452D-B2FB-1F4FF9851635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3481BA96-DEA8-4C84-97FE-A21D4E0CC886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AACA863-BDD0-435A-BD24-A0C6246D034D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0DC5BD8-C700-4A72-B31B-DF526B86713B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24970E7-DFE9-4771-8F8D-6FAC469B406D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94780AF-B79A-417A-A144-A67CEC63C5F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74D2B14-045E-404A-9853-775D3E14416C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC47A4E4-6CD8-48BF-80B7-FFB6EE6CB9DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "208E3BF4-7721-4C71-AED6-7847A8DEBB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5EF61CC-F3D3-44D7-A584-2688AC9E8E34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "216B2D7C-819C-4788-99BD-FC9AEC1C4832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "731522C8-9B1A-48CA-A3D6-399722BEFADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD1D2A83-B980-496E-A12A-254E3B2E8373",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F70A64-24BB-4E53-BB64-6F541A9ADD48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA7FC6D-0E6D-4356-85FC-936088C5B44B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CA6669-8726-450A-A3DA-ABCD6845E545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA102062-4992-4456-91F4-46B80FE500B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address."
    },
    {
      "lang": "es",
      "value": "IBM Storwize 3500, 3700, 5000, y dispositivos 7000 y SAN Volume Controller 6.x y 7.x anterior a 7.2.0.8 permiten a atacantes remotos restablecer la contrase\u00f1a del superusuario administrador a su valor por defecto a trav\u00e9s de una solicitud directa hacia la direcci\u00f3n IP de administraci\u00f3n."
    }
  ],
  "id": "CVE-2014-4811",
  "lastModified": "2024-11-21T02:10:54.693",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-09-12T01:55:07.513",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/61075"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004846"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/69771"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/69771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95387"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2014-4811

Vulnerability from cvelistv5

Published

2014-09-12 01:00

Modified

2024-08-06 11:27