CVE-2014-4811

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-4811
IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/61075
http://www.ibm.com/support/docview.wss?uid=ssg1S1004846 Patch Vendor Advisory
http://www.securityfocus.com/bid/69771
https://exchange.xforce.ibmcloud.com/vulnerabilities/95387
http://secunia.com/advisories/61075
http://www.ibm.com/support/docview.wss?uid=ssg1S1004846 Patch Vendor Advisory
http://www.securityfocus.com/bid/69771
https://exchange.xforce.ibmcloud.com/vulnerabilities/95387
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.7:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2014-09-12 01:55

Updated : 2025-04-12 10:46

NVD link : CVE-2014-4811

Mitre link : CVE-2014-4811

CVE.ORG link : CVE-2014-4811

JSON object : View

Products Affected

ibm

  • san_volume_controller_software
  • storwize_v5000
  • storwize_v3700
  • storwize_v3500
  • storwize_v7000
CWE
CWE-255

Credentials Management Errors