CVE-2018-1466

Published: May 17, 2018Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.6 / Impact: 3.6

Source: NVD

Description

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.

Affected (40)

Products: Ibm: Storwize V7000 Firmware, Storwize V5000 Firmware, Storwize V3700 Firmware, Storwize V3500 Firmware, Storwize V9000 Firmware, San Volume Controller Firmware, Spectrum Virtualize, Spectrum Virtualize For Public Cloud

Ibm

8 products

Storwize V7000 Firmware

Storwize V5000 Firmware

Storwize V3700 Firmware

Storwize V3500 Firmware

Storwize V9000 Firmware

San Volume Controller Firmware

Spectrum Virtualize

Spectrum Virtualize For Public Cloud

Configuration A

5 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Storwize V7000 Firmware	From 6.1.0.0 to 7.5.0.14
Ibm Storwize V7000 Firmware	From 7.7.0.0 to 7.7.1.9
Ibm Storwize V7000 Firmware	From 7.8.0.0 to 7.8.1.6
Ibm Storwize V7000 Firmware	From 8.1.1.0 to 8.1.1.2
Ibm Storwize V7000 Firmware	From 8.1.2.0 to 8.1.2.1

Running on/with	Platform Versions
Ibm Storwize V7000	All versions

Configuration B

5 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Storwize V5000 Firmware	From 6.1.0.0 to 7.5.0.14
Ibm Storwize V5000 Firmware	From 7.7.0.0 to 7.7.1.9
Ibm Storwize V5000 Firmware	From 7.8.0.0 to 7.8.1.6
Ibm Storwize V5000 Firmware	From 8.1.1.0 to 8.1.1.2
Ibm Storwize V5000 Firmware	From 8.1.2.0 to 8.1.2.1

Running on/with	Platform Versions
Ibm Storwize V5000	All versions

Configuration C

5 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Storwize V3700 Firmware	From 6.1.0.0 to 7.5.0.14
Ibm Storwize V3700 Firmware	From 7.7.0.0 to 7.7.1.9
Ibm Storwize V3700 Firmware	From 7.8.0.0 to 7.8.1.6
Ibm Storwize V3700 Firmware	From 8.1.1.0 to 8.1.1.2
Ibm Storwize V3700 Firmware	From 8.1.2.0 to 8.1.2.1

Running on/with	Platform Versions
Ibm Storwize V3700	All versions

Configuration D

5 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Storwize V3500 Firmware	From 6.1.0.0 to 7.5.0.14
Ibm Storwize V3500 Firmware	From 7.7.0.0 to 7.7.1.9
Ibm Storwize V3500 Firmware	From 7.8.0.0 to 7.8.1.6
Ibm Storwize V3500 Firmware	From 8.1.1.0 to 8.1.1.2
Ibm Storwize V3500 Firmware	From 8.1.2.0 to 8.1.2.1

Running on/with	Platform Versions
Ibm Storwize V3500	All versions

Configuration E

5 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Storwize V9000 Firmware	From 6.1.0.0 to 7.5.0.14
Ibm Storwize V9000 Firmware	From 7.7.0.0 to 7.7.1.9
Ibm Storwize V9000 Firmware	From 7.8.0.0 to 7.8.1.6
Ibm Storwize V9000 Firmware	From 8.1.1.0 to 8.1.1.2
Ibm Storwize V9000 Firmware	From 8.1.2.0 to 8.1.2.1

Running on/with	Platform Versions
Ibm Storwize V9000	All versions

Configuration F

5 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm San Volume Controller Firmware	From 6.1.0.0 to 7.5.0.14
Ibm San Volume Controller Firmware	From 7.7.0.0 to 7.7.1.9
Ibm San Volume Controller Firmware	From 7.8.0.0 to 7.8.1.6
Ibm San Volume Controller Firmware	From 8.1.1.0 to 8.1.1.2
Ibm San Volume Controller Firmware	From 8.1.2.0 to 8.1.2.1

Running on/with	Platform Versions
Ibm San Volume Controller	All versions

Configuration G

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Spectrum Virtualize	From 6.1.0.0 to 7.5.0.14
Ibm Spectrum Virtualize	From 7.7.0.0 to 7.7.1.9
Ibm Spectrum Virtualize	From 7.8.0.0 to 7.8.1.6
Ibm Spectrum Virtualize	From 8.1.1.0 to 8.1.1.2
Ibm Spectrum Virtualize	From 8.1.2.0 to 8.1.2.1

Configuration H

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Spectrum Virtualize For Public Cloud	From 6.1.0.0 to 7.5.0.14
Ibm Spectrum Virtualize For Public Cloud	From 7.7.0.0 to 7.7.1.9
Ibm Spectrum Virtualize For Public Cloud	From 7.8.0.0 to 7.8.1.6
Ibm Spectrum Virtualize For Public Cloud	From 8.1.1.0 to 8.1.1.2
Ibm Spectrum Virtualize For Public Cloud	From 8.1.2.0 to 8.1.2.1