Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of service (device crash) via a (1) CIFS, (2) HTTPS, (3) SCP, or (4) SFTP operation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Storwize V7000 Unified 输入验证漏洞
Vulnerability Description
IBM Storwize V7000 Unified是美国IBM公司的一套虚拟化存储系统。该系统可提供对存储资源的单点控制、自动优化应用存储性能等功能。 IBM Storwize V7000 Unified 1.3.x版本和1.4.2.0之前的1.4.x版本中存在安全漏洞,该漏洞源于程序没有正确处理设备文件。远程攻击者可借助NFS协议(如CIFS,HTTPS,SCP或SFTP协议)利用该漏洞获取敏感信息,读取或写入任意文件,或造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A