← back
CVE-2018-1463

CVE-2018-1463

EPSS 1.4%
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368.
Affected products
IBM · FlashSystem V9000IBM · SAN Volume ControllerIBM · Spectrum Virtualize for Public CloudIBM · Spectrum Virtualize SoftwareIBM · Storwize V3500IBM · Storwize V3700IBM · Storwize V5000IBM · Storwize V7000 (2076)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/140368http://www.ibm.com/support/docview.wss?uid=ssg1S1012263http://www.ibm.com/support/docview.wss?uid=ssg1S1012282http://www.ibm.com/support/docview.wss?uid=ssg1S1012283http://www.securityfocus.com/bid/104349