CVE-2014-4811

EUVD-2014-4730
IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
ibmsan_volume_controller_software
6.1.0.0
ibmsan_volume_controller_software
6.1.0.1
ibmsan_volume_controller_software
6.1.0.2
ibmsan_volume_controller_software
6.1.0.3
ibmsan_volume_controller_software
6.1.0.4
ibmsan_volume_controller_software
6.1.0.5
ibmsan_volume_controller_software
6.1.0.6
ibmsan_volume_controller_software
6.1.0.7
ibmsan_volume_controller_software
6.1.0.8
ibmsan_volume_controller_software
6.1.0.9
ibmsan_volume_controller_software
6.1.0.10
ibmsan_volume_controller_software
6.2.0.0
ibmsan_volume_controller_software
6.2.0.1
ibmsan_volume_controller_software
6.2.0.2
ibmsan_volume_controller_software
6.2.0.3
ibmsan_volume_controller_software
6.2.0.4
ibmsan_volume_controller_software
6.2.0.5
ibmsan_volume_controller_software
6.2.0.6
ibmsan_volume_controller_software
6.3.0.0
ibmsan_volume_controller_software
6.3.0.1
ibmsan_volume_controller_software
6.3.0.2
ibmsan_volume_controller_software
6.3.0.3
ibmsan_volume_controller_software
6.3.0.4
ibmsan_volume_controller_software
6.3.0.5
ibmsan_volume_controller_software
6.3.0.6
ibmsan_volume_controller_software
6.3.0.7
ibmsan_volume_controller_software
6.4.0.0
ibmsan_volume_controller_software
6.4.0.1
ibmsan_volume_controller_software
6.4.0.2
ibmsan_volume_controller_software
6.4.0.3
ibmsan_volume_controller_software
6.4.0.4
ibmsan_volume_controller_software
6.4.1.1
ibmsan_volume_controller_software
6.4.1.2
ibmsan_volume_controller_software
6.4.1.3
ibmsan_volume_controller_software
6.4.1.4
ibmsan_volume_controller_software
6.4.1.5
ibmsan_volume_controller_software
6.4.1.6
ibmsan_volume_controller_software
6.4.1.7
ibmsan_volume_controller_software
6.4.1.8
ibmsan_volume_controller_software
7.1.0.0
ibmsan_volume_controller_software
7.1.0.1
ibmsan_volume_controller_software
7.1.0.2
ibmsan_volume_controller_software
7.1.0.3
ibmsan_volume_controller_software
7.1.0.5
ibmsan_volume_controller_software
7.1.0.6
ibmsan_volume_controller_software
7.1.0.7
ibmsan_volume_controller_software
7.2.0.0
ibmsan_volume_controller_software
7.2.0.1
ibmsan_volume_controller_software
7.2.0.2
ibmsan_volume_controller_software
7.2.0.3
ibmsan_volume_controller_software
7.2.0.4
ibmsan_volume_controller_software
7.2.0.5
ibmsan_volume_controller_software
7.2.0.6
ibmsan_volume_controller_software
7.2.0.7
ibmstorwize_v3500
-
ibmstorwize_v3700
-
ibmstorwize_v5000
-
ibmstorwize_v7000
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/61075
http://www.ibm.com/support/docview.wss?uid=ssg1S1004846
http://www.securityfocus.com/bid/69771
https://exchange.xforce.ibmcloud.com/vulnerabilities/95387
http://secunia.com/advisories/61075
http://www.ibm.com/support/docview.wss?uid=ssg1S1004846
http://www.securityfocus.com/bid/69771
https://exchange.xforce.ibmcloud.com/vulnerabilities/95387