Vulnerability Description
IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unknown vectors. IBM X-Force ID: 75041.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Xiv Storage System 2810-A14 Firmware | < 10.2.4.e-2 |
| Ibm | Xiv Storage System 2810-A14 | - |
| Ibm | Xiv Storage System 2812-A14 Firmware | < 10.2.4.e-2 |
| Ibm | Xiv Storage System 2812-A14 | - |
| Ibm | Xiv Storage System 2810-114 Firmware | < 11.1.1 |
| Ibm | Xiv Storage System 2810-114 | - |
| Ibm | Xiv Storage System 2812-114 Firmware | < 11.1.1 |
| Ibm | Xiv Storage System 2812-114 | - |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004256Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75041VDB EntryVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004256Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75041VDB EntryVendor Advisory
FAQ
What is CVE-2012-2166?
CVE-2012-2166 is a vulnerability with a CVSS score of 9.8 (CRITICAL). IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remot...
How severe is CVE-2012-2166?
CVE-2012-2166 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2012-2166?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Xiv Storage System 2810-A14 Firmware, Ibm Xiv Storage System 2810-A14, Ibm Xiv Storage System 2812-A14 Firmware, Ibm Xiv Storage System 2812-A14, Ibm Xiv Storage System 2810-114 Firmware.