IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote attacker to spoof a trusted system that would not be correctly validated by the Storwize server. This could lead to a user connecting to a malicious host, believing that it was a trusted system and deceived into accepting spoofed data. IBM X-Force ID: 271016.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/271016 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/7114767 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/271016 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/7114767 | Vendor Advisory |
Configurations
History
21 Nov 2024, 08:30
Type | Values Removed | Values Added |
---|---|---|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/271016 - VDB Entry, Vendor Advisory | |
References | () https://www.ibm.com/support/pages/node/7114767 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
15 Feb 2024, 15:09
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/271016 - VDB Entry, Vendor Advisory | |
References | () https://www.ibm.com/support/pages/node/7114767 - Vendor Advisory | |
First Time |
Ibm
Ibm storage Virtualize |
|
CPE | cpe:2.3:a:ibm:storage_virtualize:8.6:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
07 Feb 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-07 17:15
Updated : 2024-11-21 08:30
NVD link : CVE-2023-47700
Mitre link : CVE-2023-47700
CVE.ORG link : CVE-2023-47700
JSON object : View
Products Affected
ibm
- storage_virtualize
CWE
CWE-295
Improper Certificate Validation