Vulnerability Description
IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.0 does not properly restrict the content of a dump file upon encountering a 1691 hardware fault, which allows remote authenticated users to obtain sensitive customer-data fragments by reading this file after it is copied.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Storwize Unified V7000 Software | 1.3.0.0 |
| Ibm | Storwize Unified V7000 | - |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=ssg1S1004676Vendor Advisory
- http://www.securityfocus.com/bid/68133
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89782
- http://www.ibm.com/support/docview.wss?uid=ssg1S1004676Vendor Advisory
- http://www.securityfocus.com/bid/68133
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89782
FAQ
What is CVE-2013-6737?
CVE-2013-6737 is a vulnerability with a CVSS score of 4.0 (MEDIUM). IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.0 does not properly restrict the content of a dump file upon encountering a 1691 hardware fault, which allows remote authenticate...
How severe is CVE-2013-6737?
CVE-2013-6737 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-6737?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Storwize Unified V7000 Software, Ibm Storwize Unified V7000.