← Back

Spectrum Virtualize For Public Cloud

spectrum_virtualize_for_public_cloud

Vendor: Ibm • 10 CVEs

CVEs (10)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-29873
1Ibm
10Flashsystem 9000 Firmware
Flashsystem 9100 FirmwareSan Volume Controller Firmware+7 more
Nov 21, 2024
Oct 21, 2021
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.
CVE-2018-1466
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
5.3 MEDIUM· v3
3.5 LOW· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cry...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.Show less
CVE-2018-1465
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
5.3 MEDIUM· v3
3.5 LOW· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticate...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396.Show less
CVE-2018-1464
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticate...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395.Show less
CVE-2018-1463
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticate...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368.Show less
CVE-2018-1462
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
7.6 HIGH· v3
6.5 MEDIUM· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticate...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363.Show less
CVE-2018-1461
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-sit...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362.Show less
CVE-2018-1438
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could a...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566.Show less
CVE-2018-1434
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-sit...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.Show less
CVE-2018-1433
1Ibm
8San Volume Controller Firmware
Spectrum VirtualizeSpectrum Virtualize For Public Cloud+5 more
Nov 21, 2024
May 17, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile d...Show more
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473.Show less