Vulnerability Description
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Virtualize Software | >= 7.5, <= 8.2 |
| Ibm | Flashsystem V9000 | - |
| Ibm | Flashsystem V9100 | - |
| Ibm | San Volume Controller | - |
| Ibm | Storwize V3500 | - |
| Ibm | Storwize V3700 | - |
| Ibm | Storwize V5000 | - |
| Ibm | Storwize V7000 | - |
| Ibm | Spectrum Virtualize Software For Public Cloud | >= 7.5, <= 8.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107187Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148757VDB EntryVendor Advisory
- https://www.ibm.com/support/docview.wss?uid=ibm10872486Vendor Advisory
- http://www.securityfocus.com/bid/107187Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148757VDB EntryVendor Advisory
- https://www.ibm.com/support/docview.wss?uid=ibm10872486Vendor Advisory
FAQ
What is CVE-2018-1775?
CVE-2018-1775 is a vulnerability with a CVSS score of 6.5 (MEDIUM). IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating ...
How severe is CVE-2018-1775?
CVE-2018-1775 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-1775?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Virtualize Software, Ibm Flashsystem V9000, Ibm Flashsystem V9100, Ibm San Volume Controller, Ibm Storwize V3500.