Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Storwize V7000 Unified Software
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3077 1 Ibm 2 Storwize Unified V7000, Storwize V7000 Unified Software 2024-11-21 2.1 LOW N/A
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
CVE-2013-5376 1 Ibm 2 Storwize V7000 Unified, Storwize V7000 Unified Software 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" attack against an administrative user.
CVE-2013-0500 1 Ibm 2 Storwize V7000 Unified, Storwize V7000 Unified Software 2024-11-21 5.4 MEDIUM N/A
IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of service (device crash) via a (1) CIFS, (2) HTTPS, (3) SCP, or (4) SFTP operation.