HIGH🇵🇱 Wersja polska

CVE-2018-1434

CVSS 8.8v3.1pub. 2018-05-17upd. 2024-11-21

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • IBM San Volume Controller

    HW
    Ibm
    wszystkie wersje
  • IBM San Volume Controller Firmware

    OS
    Ibm
    6.1.0.0 – 7.5.0.14 (bez)7.7.0.0 – 7.7.1.9 (bez)7.8.0.0 – 7.8.1.6 (bez)8.1.1.0 – 8.1.1.2 (bez)8.1.2.0 – 8.1.2.1 (bez)
  • IBM Spectrum Virtualize

    APP
    Ibm
    7.8.0.0 – 7.8.1.6 (bez)8.1.2.0 – 8.1.2.1 (bez)8.1.1.0 – 8.1.1.2 (bez)7.7.0.0 – 7.7.1.9 (bez)6.1.0.0 – 7.5.0.14 (bez)
  • IBM Spectrum Virtualize For Public Cloud

    APP
    Ibm
    6.1.0.0 – 7.5.0.14 (bez)7.7.0.0 – 7.7.1.9 (bez)7.8.0.0 – 7.8.1.6 (bez)8.1.1.0 – 8.1.1.2 (bez)8.1.2.0 – 8.1.2.1 (bez)
  • IBM Storwize V3500

    HW
    Ibm
    wszystkie wersje
  • IBM Storwize V3500 Firmware

    OS
    Ibm
    6.1.0.0 – 7.5.0.14 (bez)7.7.0.0 – 7.7.1.9 (bez)7.8.0.0 – 7.8.1.6 (bez)8.1.1.0 – 8.1.1.2 (bez)8.1.2.0 – 8.1.2.1 (bez)
  • IBM Storwize V3700

    HW
    Ibm
    wszystkie wersje
  • IBM Storwize V3700 Firmware

    OS
    Ibm
    8.1.2.0 – 8.1.2.1 (bez)6.1.0.0 – 7.5.0.14 (bez)7.7.0.0 – 7.7.1.9 (bez)7.8.0.0 – 7.8.1.6 (bez)8.1.1.0 – 8.1.1.2 (bez)
  • IBM Storwize V5000

    HW
    Ibm
    wszystkie wersje
  • IBM Storwize V5000 Firmware

    OS
    Ibm
    8.1.2.0 – 8.1.2.1 (bez)8.1.1.0 – 8.1.1.2 (bez)7.8.0.0 – 7.8.1.6 (bez)7.7.0.0 – 7.7.1.9 (bez)6.1.0.0 – 7.5.0.14 (bez)
  • IBM Storwize V7000

    HW
    Ibm
    wszystkie wersje
  • IBM Storwize V7000 Firmware

    OS
    Ibm
    7.8.0.0 – 7.8.1.6 (bez)6.1.0.0 – 7.5.0.14 (bez)8.1.2.0 – 8.1.2.1 (bez)8.1.1.0 – 8.1.1.2 (bez)7.7.0.0 – 7.7.1.9 (bez)
  • IBM Storwize V9000

    HW
    Ibm
    wszystkie wersje
  • IBM Storwize V9000 Firmware

    OS
    Ibm
    7.7.0.0 – 7.7.1.9 (bez)6.1.0.0 – 7.5.0.14 (bez)8.1.2.0 – 8.1.2.1 (bez)8.1.1.0 – 8.1.1.2 (bez)7.8.0.0 – 7.8.1.6 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2017-5638CRITICAL9.8⚠ KEVten sam produkt

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect ex...

CVE-2021-38969CRITICAL9.8ten sam produkt

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reus...

CVE-2017-1710CRITICAL9.8ten sam produkt

A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to...

CVE-2021-29873HIGH8.1ten sam produkt

IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial ...

CVE-2020-4686HIGH8.1ten sam produkt

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges an...