CVE-2014-4811

Published Sep 12, 2014
Last updated 3 months ago
CVSS info 7.5
Overview

Description: IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.
Source: psirt@us.ibm.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-255
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E2689BD-29E9-43DE-9B1A-BEC7DB7AA7BD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1EB415E-0E3F-4CB7-A565-BEDBA1F2767C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09583A2A-17B3-45BB-8407-807B520B1116"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "904E3322-AE92-4E5B-9113-38EB13AD4A6D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55915790-FF4F-413F-86F3-17E555EC4111"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA23490B-9247-43AD-8DE0-1540331C9865"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D38B4F8A-ACC9-4E6D-9AD0-5D6FB63FAC72"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B6FC5F1-7632-4769-9773-E884BCD473BE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36B8A601-8794-4170-BE36-9C5488C08C4B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D2F36C9-3FE9-4A9F-81B0-5C8F201B76A2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7224320E-0576-45DA-A5B6-49C5E6905603"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A591634C-4D3C-4EFF-AE9B-F40B418801DF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD597E3C-7F69-46A8-B26C-420360803ED0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62626CC1-07A1-4932-A1FF-769B62AE0F16"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE906283-5CEA-496F-B402-A1BC107E6014"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0328A41B-30D1-4257-958B-BF6B26B63BC6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05C0724F-1E90-4CB7-9874-6CDC64542965"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FAB607A-537A-4F9C-91BB-7E8FFAF3763A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "024793B5-0283-4C7E-8D5C-13963FA48E95"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC6309B7-DCDD-409A-8CB2-31E8EA9CD2D0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57A82C4A-74AD-4E7C-9DE4-D865B85AF681"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B74E59F-9B31-4FE8-93A8-C6AE55AC6F8A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BCE28A3-4299-465F-9345-4DBE2F3C5AB3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2531B05-9CBB-4544-A469-1205BDB81230"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14BDEB64-3841-4FA7-B20A-59BA87CD1AFC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C0D3F5E-72BB-4DED-AD7F-AAB5D8D62775"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F7289C8-2996-4AAF-A4CA-FAAC9E43A3CB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC2FEBA6-0C2D-4348-8E42-BBB149C671A6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF4647B1-E9CD-4CD3-A8D8-F094F85FFA4D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8587A38-B9B8-41A8-A1FE-85C48AE02118"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57FE10E8-378E-4EE4-ABBE-1CD3ADE1A81C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE9E2D8C-4DFF-4A49-A791-97052E3F7977"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D64878E-DA62-4832-9788-3447D1BDD085"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B88F8FF9-1786-4D9A-B6F8-5AA31943EDFA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC8E4B98-E236-440A-BCD8-3BCE7DBAC9C3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8C9303A-DBE7-4E35-9B31-5B68261C1D7E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4729D5AE-8FE4-433B-8A6D-B5910CDA097F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B9469F3-1A77-452D-B2FB-1F4FF9851635"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3481BA96-DEA8-4C84-97FE-A21D4E0CC886"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AACA863-BDD0-435A-BD24-A0C6246D034D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0DC5BD8-C700-4A72-B31B-DF526B86713B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D24970E7-DFE9-4771-8F8D-6FAC469B406D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A94780AF-B79A-417A-A144-A67CEC63C5F8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A74D2B14-045E-404A-9853-775D3E14416C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC47A4E4-6CD8-48BF-80B7-FFB6EE6CB9DB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "208E3BF4-7721-4C71-AED6-7847A8DEBB09"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5EF61CC-F3D3-44D7-A584-2688AC9E8E34"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "216B2D7C-819C-4788-99BD-FC9AEC1C4832"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "731522C8-9B1A-48CA-A3D6-399722BEFADF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD1D2A83-B980-496E-A12A-254E3B2E8373"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94F70A64-24BB-4E53-BB64-6F541A9ADD48"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFA7FC6D-0E6D-4356-85FC-936088C5B44B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1CA6669-8726-450A-A3DA-ABCD6845E545"
          },
          {
            "criteria": "cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA102062-4992-4456-91F4-46B80FE500B5"
          },
          {
            "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3"
          },
          {
            "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB"
          },
          {
            "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD"
          },
          {
            "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
