High Severity

IBM Security Bulletin: Vulnerability in Service Assistant GUI affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-1710)

Share this post:

A vulnerability in the Service Assistant GUI affects IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products. The Service Assistant CLI interface is unaffected.

CVE(s): CVE-2017-1710

Affected product(s) and affected version(s):

IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM FlashSystem V9000

All products are affected when running supported release 8.1.0.0 only. For unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010788
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134531

More stories

IBM Security Bulletin: Potential denial of service in Liberty for Java for IBM Cloud (CVE-2018-10237)

Mar 22, 2019 10:00 am EDT | High Severity

There is a potential denial of service with the Google Guava library that is used in Liberty for Java. CVE(s): CVE-2018-10237 Affected product(s) and affected version(s):This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.27. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more


IBM Security Bulletin: API Connect V2018 is impacted by information leak (CVE-2019-4052)

Mar 21, 2019 10:01 am EDT | High Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2019-4052 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 2018.1-2018.4.1.2 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10874248X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156544 ...read more


IBM Security Bulletin: Cloudant Local Apache CouchDB CVE-2018-17188: Remote Privilege Escalations

Mar 20, 2019 10:02 am EDT | High Severity

Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full system entry for unauthenticated users. CVE(s): CVE-2018-17188 Affected product(s) and affected version(s):All ...read more