Boletines de Vulnerabilidades

IBM Security Bulletin: Hardware failure diagnostic information can include customer data fragments in SAN Volume Controller and Storwize Family (CVE-2013-6737)

Información sobre el sistema
   
Software afectado IBM

Descripción
Hardware failure diagnostics for a 1691 error include customer data fragments that may be copied from the system by an authorized user who might not otherwise have access to that data. CVE(s): CVE-2013-6737 Affected product(s) and affected version(s): IBM SAN Volume Controller IBM Storwize V7000 IBM Storwize V5000 IBM Storwize V3700 IBM Storwize V3500 IBM Flex System V7000 All products are affected when running code releases 6.1, 6.2, 6.3, 6.4 (with the exception of V6.4.1.7) and 7.1. Code

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_hardware_failure_diagnostic_information_can_include_customer_data_fragments_in_san_volume_controller_and_storwize_family_cve_2013_6737?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2013-6737 ,CVE-2014-3052 and CVE-2014-0224.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-06-21

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT