CVE-2018-1775

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/A:N/AC:L/AV:N/C:H/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:T
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
ibmspectrum_virtualize_software
7.5 ≤
𝑥
≤ 8.2
ibmspectrum_virtualize_software_for_public_cloud
7.5 ≤
𝑥
≤ 8.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/107187
https://exchange.xforce.ibmcloud.com/vulnerabilities/148757
https://www.ibm.com/support/docview.wss?uid=ibm10872486
http://www.securityfocus.com/bid/107187
https://exchange.xforce.ibmcloud.com/vulnerabilities/148757
https://www.ibm.com/support/docview.wss?uid=ibm10872486