Vulnerability Details CVE-2018-1775
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.4%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.securityfocus.com/bid/107187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148757
- https://www.ibm.com/support/docview.wss?uid=ibm10872486
- http://www.securityfocus.com/bid/107187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148757
- https://www.ibm.com/support/docview.wss?uid=ibm10872486
Products affected by CVE-2018-1775
-
cpe:2.3:a:ibm:spectrum_virtualize_software:*
-
cpe:2.3:a:ibm:spectrum_virtualize_software_for_public_cloud:7.5
-
cpe:2.3:a:ibm:spectrum_virtualize_software_for_public_cloud:8.2
-
cpe:2.3:h:ibm:flashsystem_v9000:-
-
cpe:2.3:h:ibm:flashsystem_v9100:-
-
cpe:2.3:h:ibm:san_volume_controller:-
-
cpe:2.3:h:ibm:storwize_v3500:-
-
cpe:2.3:h:ibm:storwize_v3700:-
-
cpe:2.3:h:ibm:storwize_v5000:-
-
cpe:2.3:h:ibm:storwize_v7000:-