Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Vulnerability in Apache Struts affects IBM System Storage Storwize V7000 Unified (CVE-2014-0094) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
There is a ParametersInterceptor security bypass vulnerability in Apache Struts that is used by IBM System Storage Storwize V7000 Unified. CVE(s): CVE-2014-0094 Affected product(s) and affected version(s): IBM System Storage Storwize V7000 Unified All products are affected when running code releases 1.3 and 1.4 except for version 1.4.3.4 and above. Code release 1.5 is not affected. Refer to the following reference URLs for remediation and additional vulnerability details: Source More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_apache_struts_affects_ibm_system_storage_storwize_v7000_unified_cve_2014_0094?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-0094 ,CVE-2014-1518 ,CVE-2014-1523 ,CVE-2014-1524 ,CVE-2014-1529 ,CVE-2014-1530 ,CVE-2014-1531 ,CVE-2014-1532 ,CVE-2014-1533 ,CVE-2014-1538 ,CVE-2014-1541 ,CVE-2013-4286 ,CVE-2013-4332 ,CVE-2014-0075 ,CVE-2014-0099 and CVE-2014-4811. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-09-13 |