IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x prior to 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm storwize_v7000_unified_software 1.4.1.0 |
||
ibm storwize_v7000_unified_software 1.4.0.4 |
||
ibm storwize_v7000_unified_software 1.4.0.0 |
||
ibm storwize_v7000_unified_software 1.3.2.3 |
||
ibm storwize_v7000_unified_software 1.4.3.3 |
||
ibm storwize_v7000_unified_software 1.4.3.0 |
||
ibm storwize_v7000_unified_software 1.3.2.0 |
||
ibm storwize_v7000_unified_software 1.3.0.0 |
||
ibm storwize_v7000_unified_software 1.4.2.0 |
||
ibm storwize_v7000_unified_software 1.4.1.1 |
||
ibm storwize_unified_v7000 - |