CVE-2012-6354

The management GUI on the IBM SAN Volume Controller and Storwize V7000 6.x before 6.4.1.3 allows remote attackers to bypass authentication and obtain superuser access via IP packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
ibmsan_volume_controller_software
6.1.0.0
ibmsan_volume_controller_software
6.2.0.0
ibmsan_volume_controller_software
6.3.0.0
ibmsan_volume_controller_software
6.4.0.0
ibmstorwize_v7000
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004277
https://exchange.xforce.ibmcloud.com/vulnerabilities/80716
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004277
https://exchange.xforce.ibmcloud.com/vulnerabilities/80716