Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Security bypass vulnerability in SAN Volume Controller and Storwize Family (CVE-2014-0094) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
Apache Struts ParametersInterceptor security bypass CVE(s): CVE-2014-0094 Affected product(s) and affected version(s): IBM SAN Volume Controller IBM Storwize V7000 IBM Storwize V5000 IBM Storwize V3700 IBM Storwize V3500 All products are affected when running code releases 6.1, 6.2, 6.3, 6.4, 7.1 and 7.2 except for versions 7.2.0.8 and above. Code level 7.3 is not vulnerable. Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_security_bypass_vulnerability_in_san_volume_controller_and_storwize_family_cve_2014_0094?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-0094 and CVE-2014-0411. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-09-04 |