High Severity

IBM Security Bulletin: IBM Cisco MDS Series Switches DCNM is affected by unauthenticated, remote attacker vulnerability (CVE-2017-6639, CVE-2017-6640).

Share this post:

IBM Cisco MDS Series Switches has addressed the following vulnerabilities. A vulnerability in Cisco Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or system-level privileges. A vulnerability in the role-based access control (RBAC) functionality of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system.

CVE(s): CVE-2017-6639, CVE-2017-6640

Affected product(s) and affected version(s):

Affected IBM Cisco DCNM Software Affected Versions
DCNM 10.1(1)
DCNM 10.1(2)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ssg1S1010329
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/126891
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/126918

More stories

IBM Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities

Apr 25, 2019 9:02 am EDT | High Severity

IBM Security SiteProtector System has addressed the following vulnerabilities in Apache HTTP Server. CVE(s): CVE-2018-11759, CVE-2017-12613, CVE-2017-15710, CVE-2017-15715, CVE-2018-1301 Affected product(s) and affected version(s): Affected IBM Security SiteProtector System Affected Versions IBM Security SiteProtector System 3.1.1 IBM Security SiteProtector System 3.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10880665X-Force ...read more


IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in GNU C Library (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)

Apr 25, 2019 9:01 am EDT | High Severity

IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in GNU C Library. CVE(s): CVE-2017-15804, CVE-2017-15670, CVE-2015-5180 Affected product(s) and affected version(s): Product Affected Version IBM Dynamic System Analysis (DSA) Preboot 9.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870808X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133996X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133915X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/130620 ...read more


IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in xorg-x11

Apr 25, 2019 9:01 am EDT | High Severity

IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in xorg-x11. CVE(s): CVE-2015-9262, CVE-2018-14665, CVE-2018-14600, CVE-2018-14599, CVE-2018-14598 Affected product(s) and affected version(s): Product Affected Version IBM Dynamic System Analysis (DSA) Preboot 9.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10874890X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148854X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151991X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148663X-Force Database: ...read more