CVE-2018-1465 - Vulnerability Details

Vendors	Products
Ibm	San Volume Controller San Volume Controller Firmware Spectrum Virtualize Spectrum Virtualize For Public Cloud Storwize V3500 Storwize V3500 Firmware Storwize V3700 Storwize V3700 Firmware Storwize V5000 Storwize V5000 Firmware Storwize V7000 Storwize V7000 Firmware Storwize V9000 Storwize V9000 Firmware

Link	Providers
http://www.ibm.com/support/docview.wss?uid=ssg1S1012263
http://www.ibm.com/support/docview.wss?uid=ssg1S1012282
http://www.ibm.com/support/docview.wss?uid=ssg1S1012283
http://www.securityfocus.com/bid/104349
https://exchange.xforce.ibmcloud.com/vulnerabilities/140396

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Storwize V3500", "vendor": "IBM", "versions": [{"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "8.1.1"}]}, {"product": "SAN Volume Controller", "vendor": "IBM", "versions": [{"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}]}, {"product": "Spectrum Virtualize Software", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "8.1.1"}]}, {"product": "Spectrum Virtualize for Public Cloud", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "8.1.1"}]}, {"product": "Storwize V7000 (2076)", "vendor": "IBM", "versions": [{"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "1.1"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "8.1.1"}]}, {"product": "FlashSystem V9000", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "8.1.1"}]}, {"product": "Storwize V5000", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "8.1.1"}]}, {"product": "Storwize V3700", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.1"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.7"}, {"status": "affected", "version": "7.7.1"}, {"status": "affected", "version": "7.8"}, {"status": "affected", "version": "7.8.1"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "8.1.1"}]}], "datePublic": "2018-05-14T00:00:00", "descriptions": [{"lang": "en", "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."}], "problemTypes": [{"descriptions": [{"description": "Obtain Information", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-04T09:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"}, {"name": "104349", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104349"}, {"name": "ibm-storwize-cve20181465-info-disc(140396)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2018-05-14T00:00:00", "ID": "CVE-2018-1465", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Storwize V3500", "version": {"version_data": [{"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "8.1.1"}]}}, {"product_name": "SAN Volume Controller", "version": {"version_data": [{"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}]}}, {"product_name": "Spectrum Virtualize Software", "version": {"version_data": [{"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "8.1.1"}]}}, {"product_name": "Spectrum Virtualize for Public Cloud", "version": {"version_data": [{"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "8.1.1"}]}}, {"product_name": "Storwize V7000 (2076)", "version": {"version_data": [{"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "1.1"}, {"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "8.1.1"}]}}, {"product_name": "FlashSystem V9000", "version": {"version_data": [{"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "8.1.1"}]}}, {"product_name": "Storwize V5000", "version": {"version_data": [{"version_value": "7.1"}, {"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "6.4"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "8.1.1"}]}}, {"product_name": "Storwize V3700", "version": {"version_data": [{"version_value": "7.1"}, {"version_value": "6.4"}, {"version_value": "7.5"}, {"version_value": "7.6"}, {"version_value": "7.6.1"}, {"version_value": "7.7"}, {"version_value": "7.7.1"}, {"version_value": "7.8"}, {"version_value": "7.8.1"}, {"version_value": "8.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}, {"version_value": "7.2"}, {"version_value": "7.3"}, {"version_value": "7.4"}, {"version_value": "8.1.1"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Obtain Information"}]}]}, "references": {"reference_data": [{"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"}, {"name": "104349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104349"}, {"name": "ibm-storwize-cve20181465-info-disc(140396)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"}, {"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"}, {"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:59:39.071Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"}, {"name": "104349", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104349"}, {"name": "ibm-storwize-cve20181465-info-disc(140396)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2018-1465", "datePublished": "2018-05-17T21:00:00Z", "dateReserved": "2017-12-13T00:00:00", "dateUpdated": "2024-09-16T18:14:09.942Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Storwize V3500 (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.4 (string)

}

1 : { »

status : affected (string)

version : 7.1 (string)

}

2 : { »

status : affected (string)

version : 7.5 (string)

}

3 : { »

status : affected (string)

version : 7.6 (string)

}

4 : { »

status : affected (string)

version : 7.6.1 (string)

}

5 : { »

status : affected (string)

version : 7.7 (string)

}

6 : { »

status : affected (string)

version : 7.7.1 (string)

}

7 : { »

status : affected (string)

version : 7.8 (string)

}

8 : { »

status : affected (string)

version : 7.8.1 (string)

}

9 : { »

status : affected (string)

version : 8.1 (string)

}

10 : { »

status : affected (string)

version : 6.1 (string)

}

11 : { »

status : affected (string)

version : 6.2 (string)

}

12 : { »

status : affected (string)

version : 6.3 (string)

}

13 : { »

status : affected (string)

version : 7.2 (string)

}

14 : { »

status : affected (string)

version : 7.3 (string)

}

15 : { »

status : affected (string)

version : 7.4 (string)

}

16 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

1 : { »

product : SAN Volume Controller (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.1 (string)

}

1 : { »

status : affected (string)

version : 6.2 (string)

}

2 : { »

status : affected (string)

version : 6.3 (string)

}

3 : { »

status : affected (string)

version : 6.4 (string)

}

4 : { »

status : affected (string)

version : 7.1 (string)

}

5 : { »

status : affected (string)

version : 7.5 (string)

}

6 : { »

status : affected (string)

version : 7.6 (string)

}

7 : { »

status : affected (string)

version : 7.6.1 (string)

}

8 : { »

status : affected (string)

version : 7.7 (string)

}

9 : { »

status : affected (string)

version : 7.7.1 (string)

}

10 : { »

status : affected (string)

version : 7.8 (string)

}

11 : { »

status : affected (string)

version : 7.8.1 (string)

}

12 : { »

status : affected (string)

version : 8.1 (string)

}

]

}

2 : { »

product : Spectrum Virtualize Software (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 7.5 (string)

}

1 : { »

status : affected (string)

version : 7.6 (string)

}

2 : { »

status : affected (string)

version : 7.6.1 (string)

}

3 : { »

status : affected (string)

version : 7.7 (string)

}

4 : { »

status : affected (string)

version : 7.7.1 (string)

}

5 : { »

status : affected (string)

version : 7.8 (string)

}

6 : { »

status : affected (string)

version : 7.8.1 (string)

}

7 : { »

status : affected (string)

version : 8.1 (string)

}

8 : { »

status : affected (string)

version : 6.1 (string)

}

9 : { »

status : affected (string)

version : 6.2 (string)

}

10 : { »

status : affected (string)

version : 6.3 (string)

}

11 : { »

status : affected (string)

version : 6.4 (string)

}

12 : { »

status : affected (string)

version : 7.1 (string)

}

13 : { »

status : affected (string)

version : 7.2 (string)

}

14 : { »

status : affected (string)

version : 7.3 (string)

}

15 : { »

status : affected (string)

version : 7.4 (string)

}

16 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

3 : { »

product : Spectrum Virtualize for Public Cloud (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 7.5 (string)

}

1 : { »

status : affected (string)

version : 7.6 (string)

}

2 : { »

status : affected (string)

version : 7.6.1 (string)

}

3 : { »

status : affected (string)

version : 7.7 (string)

}

4 : { »

status : affected (string)

version : 7.7.1 (string)

}

5 : { »

status : affected (string)

version : 7.8 (string)

}

6 : { »

status : affected (string)

version : 7.8.1 (string)

}

7 : { »

status : affected (string)

version : 8.1 (string)

}

8 : { »

status : affected (string)

version : 6.1 (string)

}

9 : { »

status : affected (string)

version : 6.2 (string)

}

10 : { »

status : affected (string)

version : 6.3 (string)

}

11 : { »

status : affected (string)

version : 6.4 (string)

}

12 : { »

status : affected (string)

version : 7.1 (string)

}

13 : { »

status : affected (string)

version : 7.2 (string)

}

14 : { »

status : affected (string)

version : 7.3 (string)

}

15 : { »

status : affected (string)

version : 7.4 (string)

}

16 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

4 : { »

product : Storwize V7000 (2076) (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.1 (string)

}

1 : { »

status : affected (string)

version : 6.2 (string)

}

2 : { »

status : affected (string)

version : 6.3 (string)

}

3 : { »

status : affected (string)

version : 6.4 (string)

}

4 : { »

status : affected (string)

version : 7.1 (string)

}

5 : { »

status : affected (string)

version : 7.2 (string)

}

6 : { »

status : affected (string)

version : 7.3 (string)

}

7 : { »

status : affected (string)

version : 7.4 (string)

}

8 : { »

status : affected (string)

version : 1.1 (string)

}

9 : { »

status : affected (string)

version : 7.5 (string)

}

10 : { »

status : affected (string)

version : 7.6 (string)

}

11 : { »

status : affected (string)

version : 7.6.1 (string)

}

12 : { »

status : affected (string)

version : 7.7 (string)

}

13 : { »

status : affected (string)

version : 7.7.1 (string)

}

14 : { »

status : affected (string)

version : 7.8 (string)

}

15 : { »

status : affected (string)

version : 7.8.1 (string)

}

16 : { »

status : affected (string)

version : 8.1 (string)

}

17 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

5 : { »

product : FlashSystem V9000 (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 7.5 (string)

}

1 : { »

status : affected (string)

version : 7.6 (string)

}

2 : { »

status : affected (string)

version : 7.6.1 (string)

}

3 : { »

status : affected (string)

version : 7.7 (string)

}

4 : { »

status : affected (string)

version : 7.7.1 (string)

}

5 : { »

status : affected (string)

version : 7.8 (string)

}

6 : { »

status : affected (string)

version : 7.8.1 (string)

}

7 : { »

status : affected (string)

version : 8.1 (string)

}

8 : { »

status : affected (string)

version : 6.1 (string)

}

9 : { »

status : affected (string)

version : 6.2 (string)

}

10 : { »

status : affected (string)

version : 6.3 (string)

}

11 : { »

status : affected (string)

version : 6.4 (string)

}

12 : { »

status : affected (string)

version : 7.1 (string)

}

13 : { »

status : affected (string)

version : 7.2 (string)

}

14 : { »

status : affected (string)

version : 7.3 (string)

}

15 : { »

status : affected (string)

version : 7.4 (string)

}

16 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

6 : { »

product : Storwize V5000 (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 7.1 (string)

}

1 : { »

status : affected (string)

version : 7.5 (string)

}

2 : { »

status : affected (string)

version : 7.6 (string)

}

3 : { »

status : affected (string)

version : 7.6.1 (string)

}

4 : { »

status : affected (string)

version : 7.7 (string)

}

5 : { »

status : affected (string)

version : 7.7.1 (string)

}

6 : { »

status : affected (string)

version : 7.8 (string)

}

7 : { »

status : affected (string)

version : 7.8.1 (string)

}

8 : { »

status : affected (string)

version : 8.1 (string)

}

9 : { »

status : affected (string)

version : 6.1 (string)

}

10 : { »

status : affected (string)

version : 6.2 (string)

}

11 : { »

status : affected (string)

version : 6.3 (string)

}

12 : { »

status : affected (string)

version : 6.4 (string)

}

13 : { »

status : affected (string)

version : 7.2 (string)

}

14 : { »

status : affected (string)

version : 7.3 (string)

}

15 : { »

status : affected (string)

version : 7.4 (string)

}

16 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

7 : { »

product : Storwize V3700 (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 7.1 (string)

}

1 : { »

status : affected (string)

version : 6.4 (string)

}

2 : { »

status : affected (string)

version : 7.5 (string)

}

3 : { »

status : affected (string)

version : 7.6 (string)

}

4 : { »

status : affected (string)

version : 7.6.1 (string)

}

5 : { »

status : affected (string)

version : 7.7 (string)

}

6 : { »

status : affected (string)

version : 7.7.1 (string)

}

7 : { »

status : affected (string)

version : 7.8 (string)

}

8 : { »

status : affected (string)

version : 7.8.1 (string)

}

9 : { »

status : affected (string)

version : 8.1 (string)

}

10 : { »

status : affected (string)

version : 6.1 (string)

}

11 : { »

status : affected (string)

version : 6.2 (string)

}

12 : { »

status : affected (string)

version : 6.3 (string)

}

13 : { »

status : affected (string)

version : 7.2 (string)

}

14 : { »

status : affected (string)

version : 7.3 (string)

}

15 : { »

status : affected (string)

version : 7.4 (string)

}

16 : { »

status : affected (string)

version : 8.1.1 (string)

}

]

}

]

datePublic : 2018-05-14T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Obtain Information (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-06-04T09:57:01 (string)

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 (string)

}

1 : { »

name : 104349 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/104349 (string)

}

2 : { »

name : ibm-storwize-cve20181465-info-disc(140396) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/140396 (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@us.ibm.com (string)

DATE_PUBLIC : 2018-05-14T00:00:00 (string)

ID : CVE-2018-1465 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Storwize V3500 (string)

version : { »

version_data : [ »

0 : { »

version_value : 6.4 (string)

}

1 : { »

version_value : 7.1 (string)

}

2 : { »

version_value : 7.5 (string)

}

3 : { »

version_value : 7.6 (string)

}

4 : { »

version_value : 7.6.1 (string)

}

5 : { »

version_value : 7.7 (string)

}

6 : { »

version_value : 7.7.1 (string)

}

7 : { »

version_value : 7.8 (string)

}

8 : { »

version_value : 7.8.1 (string)

}

9 : { »

version_value : 8.1 (string)

}

10 : { »

version_value : 6.1 (string)

}

11 : { »

version_value : 6.2 (string)

}

12 : { »

version_value : 6.3 (string)

}

13 : { »

version_value : 7.2 (string)

}

14 : { »

version_value : 7.3 (string)

}

15 : { »

version_value : 7.4 (string)

}

16 : { »

version_value : 8.1.1 (string)

}

]

}

1 : { »

product_name : SAN Volume Controller (string)

version : { »

version_data : [ »

0 : { »

version_value : 6.1 (string)

}

1 : { »

version_value : 6.2 (string)

}

2 : { »

version_value : 6.3 (string)

}

3 : { »

version_value : 6.4 (string)

}

4 : { »

version_value : 7.1 (string)

}

5 : { »

version_value : 7.5 (string)

}

6 : { »

version_value : 7.6 (string)

}

7 : { »

version_value : 7.6.1 (string)

}

8 : { »

version_value : 7.7 (string)

}

9 : { »

version_value : 7.7.1 (string)

}

10 : { »

version_value : 7.8 (string)

}

11 : { »

version_value : 7.8.1 (string)

}

12 : { »

version_value : 8.1 (string)

}

]

}

2 : { »

product_name : Spectrum Virtualize Software (string)

version : { »

version_data : [ »

0 : { »

version_value : 7.5 (string)

}

1 : { »

version_value : 7.6 (string)

}

2 : { »

version_value : 7.6.1 (string)

}

3 : { »

version_value : 7.7 (string)

}

4 : { »

version_value : 7.7.1 (string)

}

5 : { »

version_value : 7.8 (string)

}

6 : { »

version_value : 7.8.1 (string)

}

7 : { »

version_value : 8.1 (string)

}

8 : { »

version_value : 6.1 (string)

}

9 : { »

version_value : 6.2 (string)

}

10 : { »

version_value : 6.3 (string)

}

11 : { »

version_value : 6.4 (string)

}

12 : { »

version_value : 7.1 (string)

}

13 : { »

version_value : 7.2 (string)

}

14 : { »

version_value : 7.3 (string)

}

15 : { »

version_value : 7.4 (string)

}

16 : { »

version_value : 8.1.1 (string)

}

]

}

3 : { »

product_name : Spectrum Virtualize for Public Cloud (string)

version : { »

version_data : [ »

0 : { »

version_value : 7.5 (string)

}

1 : { »

version_value : 7.6 (string)

}

2 : { »

version_value : 7.6.1 (string)

}

3 : { »

version_value : 7.7 (string)

}

4 : { »

version_value : 7.7.1 (string)

}

5 : { »

version_value : 7.8 (string)

}

6 : { »

version_value : 7.8.1 (string)

}

7 : { »

version_value : 8.1 (string)

}

8 : { »

version_value : 6.1 (string)

}

9 : { »

version_value : 6.2 (string)

}

10 : { »

version_value : 6.3 (string)

}

11 : { »

version_value : 6.4 (string)

}

12 : { »

version_value : 7.1 (string)

}

13 : { »

version_value : 7.2 (string)

}

14 : { »

version_value : 7.3 (string)

}

15 : { »

version_value : 7.4 (string)

}

16 : { »

version_value : 8.1.1 (string)

}

]

}

4 : { »

product_name : Storwize V7000 (2076) (string)

version : { »

version_data : [ »

0 : { »

version_value : 6.1 (string)

}

1 : { »

version_value : 6.2 (string)

}

2 : { »

version_value : 6.3 (string)

}

3 : { »

version_value : 6.4 (string)

}

4 : { »

version_value : 7.1 (string)

}

5 : { »

version_value : 7.2 (string)

}

6 : { »

version_value : 7.3 (string)

}

7 : { »

version_value : 7.4 (string)

}

8 : { »

version_value : 1.1 (string)

}

9 : { »

version_value : 7.5 (string)

}

10 : { »

version_value : 7.6 (string)

}

11 : { »

version_value : 7.6.1 (string)

}

12 : { »

version_value : 7.7 (string)

}

13 : { »

version_value : 7.7.1 (string)

}

14 : { »

version_value : 7.8 (string)

}

15 : { »

version_value : 7.8.1 (string)

}

16 : { »

version_value : 8.1 (string)

}

17 : { »

version_value : 8.1.1 (string)

}

]

}

5 : { »

product_name : FlashSystem V9000 (string)

version : { »

version_data : [ »

0 : { »

version_value : 7.5 (string)

}

1 : { »

version_value : 7.6 (string)

}

2 : { »

version_value : 7.6.1 (string)

}

3 : { »

version_value : 7.7 (string)

}

4 : { »

version_value : 7.7.1 (string)

}

5 : { »

version_value : 7.8 (string)

}

6 : { »

version_value : 7.8.1 (string)

}

7 : { »

version_value : 8.1 (string)

}

8 : { »

version_value : 6.1 (string)

}

9 : { »

version_value : 6.2 (string)

}

10 : { »

version_value : 6.3 (string)

}

11 : { »

version_value : 6.4 (string)

}

12 : { »

version_value : 7.1 (string)

}

13 : { »

version_value : 7.2 (string)

}

14 : { »

version_value : 7.3 (string)

}

15 : { »

version_value : 7.4 (string)

}

16 : { »

version_value : 8.1.1 (string)

}

]

}

6 : { »

product_name : Storwize V5000 (string)

version : { »

version_data : [ »

0 : { »

version_value : 7.1 (string)

}

1 : { »

version_value : 7.5 (string)

}

2 : { »

version_value : 7.6 (string)

}

3 : { »

version_value : 7.6.1 (string)

}

4 : { »

version_value : 7.7 (string)

}

5 : { »

version_value : 7.7.1 (string)

}

6 : { »

version_value : 7.8 (string)

}

7 : { »

version_value : 7.8.1 (string)

}

8 : { »

version_value : 8.1 (string)

}

9 : { »

version_value : 6.1 (string)

}

10 : { »

version_value : 6.2 (string)

}

11 : { »

version_value : 6.3 (string)

}

12 : { »

version_value : 6.4 (string)

}

13 : { »

version_value : 7.2 (string)

}

14 : { »

version_value : 7.3 (string)

}

15 : { »

version_value : 7.4 (string)

}

16 : { »

version_value : 8.1.1 (string)

}

]

}

7 : { »

product_name : Storwize V3700 (string)

version : { »

version_data : [ »

0 : { »

version_value : 7.1 (string)

}

1 : { »

version_value : 6.4 (string)

}

2 : { »

version_value : 7.5 (string)

}

3 : { »

version_value : 7.6 (string)

}

4 : { »

version_value : 7.6.1 (string)

}

5 : { »

version_value : 7.7 (string)

}

6 : { »

version_value : 7.7.1 (string)

}

7 : { »

version_value : 7.8 (string)

}

8 : { »

version_value : 7.8.1 (string)

}

9 : { »

version_value : 8.1 (string)

}

10 : { »

version_value : 6.1 (string)

}

11 : { »

version_value : 6.2 (string)

}

12 : { »

version_value : 6.3 (string)

}

13 : { »

version_value : 7.2 (string)

}

14 : { »

version_value : 7.3 (string)

}

15 : { »

version_value : 7.4 (string)

}

16 : { »

version_value : 8.1.1 (string)

}

]

}

]

}

vendor_name : IBM (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Obtain Information (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 (string)

refsource : CONFIRM (string)

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 (string)

}

1 : { »

name : 104349 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/104349 (string)

}

2 : { »

name : ibm-storwize-cve20181465-info-disc(140396) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/140396 (string)

}

3 : { »

name : http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 (string)

refsource : CONFIRM (string)

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 (string)

}

4 : { »

name : http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 (string)

refsource : CONFIRM (string)

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T03:59:39.071Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 (string)

}

1 : { »

name : 104349 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/104349 (string)

}

2 : { »

name : ibm-storwize-cve20181465-info-disc(140396) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/140396 (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

cveId : CVE-2018-1465 (string)

datePublished : 2018-05-17T21:00:00Z (string)

dateReserved : 2017-12-13T00:00:00 (string)

dateUpdated : 2024-09-16T18:14:09.942Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D89606B4-1FED-4E6D-A9C4-743AD4370F13", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B321B55-5FFC-45E5-9321-9597E7A94A82", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D4ACA74-BAB6-47D1-BC50-8F07C4747462", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CD4279C-71D2-486B-90B8-10A1EC76A0F5", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6489151B-4186-4053-85F0-46D2B1B1757C", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB9F3B31-D576-4409-9169-1E75817F9B8A", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A1CC99A-766D-424F-B326-B37730E3DA2C", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC5E991F-8158-4D5C-A386-758F66A6BF30", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "21E4C68D-88AA-435C-847B-3240E1A01FFD", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBC87F57-1CA7-407D-900F-1D4446F90622", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D60A6F64-CD2A-47E0-8042-ABB652CD91C8", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4008901C-02BF-4E06-BAFD-478F4DD617C4", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A57126DD-E859-445F-BD4D-319E274E2C57", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*", "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEABCC87-2B83-40CA-B294-1DA05B0D3B73", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD485024-AF76-4DCA-96EC-6B53B884FD7F", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E6520AA-BE3E-4201-9801-6CCB44C32A44", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "334EAB80-5459-4B63-97E1-2037CEEA0F7D", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "69D74D0E-3687-47C7-A5A6-D9236DAA36B1", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC9AE767-4FD6-4B67-BDB7-0791DB021730", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "94970CE9-7966-425F-A4EA-5A0CC6370ADF", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F85EE26-3790-444F-85E2-22DAEDDEA551", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACB73340-A00E-49F1-B35D-B0BA587E415B", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "35C17D90-428F-4429-89B3-79CEB57BCB18", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE318865-39E2-4C29-AC4C-5FF8A915BF1E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A76939A-1F90-4D2F-A746-2C4B2FBB438C", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D054887-113F-484B-9C38-50C01F2FD5E7", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "14696A74-D805-49B0-BE42-4573E7EF64E2", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*", "matchCriteriaId": "86AE1A09-5931-44C8-9484-0ABEE9E5B8D8", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D078605-01D6-4BF4-8485-60322266E343", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*", "matchCriteriaId": "D52F4979-E8D4-4718-BBBB-0576294C587D", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0C01653-8CB3-491F-9223-C24B33A9A4EF", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF2C8858-2FB2-434F-8952-A82F1D2EDA30", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "49638631-FA8D-4B44-B243-58CCE54B4B6E", "versionEndExcluding": "7.5.0.14", "versionStartIncluding": "6.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "B341B1B5-D8F0-4B21-A2A8-3CBF08878769", "versionEndExcluding": "7.7.1.9", "versionStartIncluding": "7.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "04D55F4A-3019-4D65-9C22-FE4F029A70E0", "versionEndExcluding": "7.8.1.6", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECF80390-D08F-4060-A267-5229F6CA1700", "versionEndExcluding": "8.1.1.2", "versionStartIncluding": "8.1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1D5EBAF-D22C-4340-B0FC-710797C23F95", "versionEndExcluding": "8.1.2.1", "versionStartIncluding": "8.1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396."}, {"lang": "es", "value": "Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podr\u00edan permitir que un usuario autenticado obtenga la clave privada que podr\u00eda posibilitar la interceptaci\u00f3n de comunicaciones en la interfaz gr\u00e1fica de usuario. IBM X-Force ID: 140396."}], "id": "CVE-2018-1465", "lastModified": "2024-11-21T03:59:52.673", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-17T21:29:00.650", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"}, {"source": "psirt@us.ibm.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104349"}, {"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012263"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012282"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012283"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140396"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D89606B4-1FED-4E6D-A9C4-743AD4370F13 (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3B321B55-5FFC-45E5-9321-9597E7A94A82 (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D4ACA74-BAB6-47D1-BC50-8F07C4747462 (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4CD4279C-71D2-486B-90B8-10A1EC76A0F5 (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6489151B-4186-4053-85F0-46D2B1B1757C (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : AA2ED020-4C7B-4303-ABE6-74D46D127556 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DB9F3B31-D576-4409-9169-1E75817F9B8A (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6A1CC99A-766D-424F-B326-B37730E3DA2C (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AC5E991F-8158-4D5C-A386-758F66A6BF30 (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 21E4C68D-88AA-435C-847B-3240E1A01FFD (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2B1B3F80-E9E5-42D5-8E90-3121C6D68CFC (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EBC87F57-1CA7-407D-900F-1D4446F90622 (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D60A6F64-CD2A-47E0-8042-ABB652CD91C8 (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D5FBC1E8-ACE9-443C-8C9F-5699D49AFD0F (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4008901C-02BF-4E06-BAFD-478F4DD617C4 (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A57126DD-E859-445F-BD4D-319E274E2C57 (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 49318A1D-49F6-4CA7-AE31-0EB4B3790CBB (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CEABCC87-2B83-40CA-B294-1DA05B0D3B73 (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DD485024-AF76-4DCA-96EC-6B53B884FD7F (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3E6520AA-BE3E-4201-9801-6CCB44C32A44 (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 334EAB80-5459-4B63-97E1-2037CEEA0F7D (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69D74D0E-3687-47C7-A5A6-D9236DAA36B1 (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7352FACE-C8D0-49A7-A2D7-B755599F0FB3 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC9AE767-4FD6-4B67-BDB7-0791DB021730 (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 94970CE9-7966-425F-A4EA-5A0CC6370ADF (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7F85EE26-3790-444F-85E2-22DAEDDEA551 (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : ACB73340-A00E-49F1-B35D-B0BA587E415B (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:storwize_v9000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 35C17D90-428F-4429-89B3-79CEB57BCB18 (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:storwize_v9000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EE318865-39E2-4C29-AC4C-5FF8A915BF1E (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0628E9DA-BE99-40DE-9A5C-A4E6B85C3FCA (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 30B8D1B8-FBE8-4A9E-987C-CC71B8F73AE2 (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5A76939A-1F90-4D2F-A746-2C4B2FBB438C (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7D054887-113F-484B-9C38-50C01F2FD5E7 (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 14696A74-D805-49B0-BE42-4573E7EF64E2 (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D5D84487-CEBA-48A0-9B15-A0300D992E3D (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

6 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 86AE1A09-5931-44C8-9484-0ABEE9E5B8D8 (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D078605-01D6-4BF4-8485-60322266E343 (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D52F4979-E8D4-4718-BBBB-0576294C587D (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B0C01653-8CB3-491F-9223-C24B33A9A4EF (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CF2C8858-2FB2-434F-8952-A82F1D2EDA30 (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

7 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 49638631-FA8D-4B44-B243-58CCE54B4B6E (string)

versionEndExcluding : 7.5.0.14 (string)

versionStartIncluding : 6.1.0.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B341B1B5-D8F0-4B21-A2A8-3CBF08878769 (string)

versionEndExcluding : 7.7.1.9 (string)

versionStartIncluding : 7.7.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 04D55F4A-3019-4D65-9C22-FE4F029A70E0 (string)

versionEndExcluding : 7.8.1.6 (string)

versionStartIncluding : 7.8.0.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:* (string)

matchCriteriaId : ECF80390-D08F-4060-A267-5229F6CA1700 (string)

versionEndExcluding : 8.1.1.2 (string)

versionStartIncluding : 8.1.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E1D5EBAF-D22C-4340-B0FC-710797C23F95 (string)

versionEndExcluding : 8.1.2.1 (string)

versionStartIncluding : 8.1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396. (string)

}

1 : { »

lang : es (string)

value : Los productos IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize e IBM FlashSystem ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1 y 8.1.1) podrían permitir que un usuario autenticado obtenga la clave privada que podría posibilitar la interceptación de comunicaciones en la interfaz gráfica de usuario. IBM X-Force ID: 140396. (string)

}

]

id : CVE-2018-1465 (string)

lastModified : 2024-11-21T03:59:52.673 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : SINGLE (string)

availabilityImpact : NONE (string)

baseScore : 3.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:S/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 6.8 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.6 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2018-05-17T21:29:00.650 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 (string)

}

1 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 (string)

}

2 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 (string)

}

3 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/104349 (string)

}

4 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/140396 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012263 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012282 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=ssg1S1012283 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/104349 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/140396 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object