IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x prior to 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm storwize v7000 unified software 1.3.0.0 |
||
ibm storwize v7000 unified software 1.3.2.0 |
||
ibm storwize v7000 unified software 1.3.2.3 |
||
ibm storwize v7000 unified software 1.4.0.0 |
||
ibm storwize v7000 unified software 1.4.0.4 |
||
ibm storwize v7000 unified software 1.4.1.0 |
||
ibm storwize v7000 unified software 1.4.1.1 |
||
ibm storwize v7000 unified software 1.4.2.0 |
||
ibm storwize v7000 unified software 1.4.3.0 |
||
ibm storwize v7000 unified software 1.4.3.3 |
||
ibm storwize unified v7000 - |