Product:

Spectrum_virtualize

(Ibm)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 16
Date Id Summary Products Score Patch Annotated
2023-01-19 CVE-2022-39167 IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408. Spectrum_virtualize 5.9
2023-02-22 CVE-2022-43870 IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540. Spectrum_virtualize 6.5
2023-02-22 CVE-2022-43873 An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847. Spectrum_virtualize 8.8
2023-05-11 CVE-2023-27870 IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518. Spectrum_virtualize 7.5
2021-10-21 CVE-2021-29873 IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229. Flashsystem_9000_firmware, Flashsystem_9100_firmware, San_volume_controller_firmware, Spectrum_virtualize, Spectrum_virtualize_for_public_cloud, Storwize_v3500_software, Storwize_v3700_software, Storwize_v5000_software, Storwize_v5100_software, Storwize_v7000_software 8.1
2022-05-11 CVE-2021-38969 IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609. Spectrum_virtualize 9.8
2020-08-17 CVE-2020-4686 IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678. Flashsystem_v5000_firmware, Flashsystem_v7200_firmware, Flashsystem_v9000_firmware, Flashsystem_v9100_firmware, Flashsystem_v9200_firmware, San_volume_controller_firmware, Spectrum_virtualize, Storwize_v5000_firmware, Storwize_v5000e_firmware, Storwize_v5100_firmware, Storwize_v7000_firmware 8.1
2018-05-17 CVE-2018-1466 IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397. San_volume_controller_firmware, Spectrum_virtualize, Spectrum_virtualize_for_public_cloud, Storwize_v3500_firmware, Storwize_v3700_firmware, Storwize_v5000_firmware, Storwize_v7000_firmware, Storwize_v9000_firmware N/A
2018-05-17 CVE-2018-1464 IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395. San_volume_controller_firmware, Spectrum_virtualize, Spectrum_virtualize_for_public_cloud, Storwize_v3500_firmware, Storwize_v3700_firmware, Storwize_v5000_firmware, Storwize_v7000_firmware, Storwize_v9000_firmware N/A
2018-05-17 CVE-2018-1463 IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which could contain account credentials. IBM X-Force ID: 140368. San_volume_controller_firmware, Spectrum_virtualize, Spectrum_virtualize_for_public_cloud, Storwize_v3500_firmware, Storwize_v3700_firmware, Storwize_v5000_firmware, Storwize_v7000_firmware, Storwize_v9000_firmware N/A