CVE-2014-3077

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 15/09/2014 Updated: 29/08/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x prior to 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm storwize_v7000_unified_software 1.4.1.0
ibm storwize_v7000_unified_software 1.4.0.4
ibm storwize_v7000_unified_software 1.4.0.0
ibm storwize_v7000_unified_software 1.3.2.3
ibm storwize_v7000_unified_software 1.4.3.3
ibm storwize_v7000_unified_software 1.4.3.0
ibm storwize_v7000_unified_software 1.3.2.0
ibm storwize_v7000_unified_software 1.3.0.0
ibm storwize_v7000_unified_software 1.4.2.0
ibm storwize_v7000_unified_software 1.4.1.1
ibm storwize_unified_v7000 -

CWE-200 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004837 https://exchange.xforce.ibmcloud.com/vulnerabilities/93906 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3077

Vulnerability Summary

References

Vulmon Search

About

Products

Connect