CVE-2018-1434
Published: May 17, 2018
Modified: Sep 17, 2024
Description
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.
| Vendor | Product | Versions |
|---|---|---|
IBM | FlashSystem V9000 | affected 7.5affected 7.6affected 7.6.1affected 7.7affected 7.7.1+12 more versions |
IBM | Storwize V3700 | affected 7.1affected 6.4affected 7.5affected 7.6affected 7.6.1+12 more versions |
IBM | Storwize V5000 | affected 7.1affected 7.5affected 7.6affected 7.6.1affected 7.7+12 more versions |
IBM | Spectrum Virtualize Software | affected 7.5affected 7.6affected 7.6.1affected 7.7affected 7.7.1+12 more versions |
IBM | SAN Volume Controller | affected 6.1affected 6.2affected 6.3affected 6.4affected 7.1+8 more versions |
IBM | Spectrum Virtualize for Public Cloud | affected 7.5affected 7.6affected 7.6.1affected 7.7affected 7.7.1+12 more versions |
IBM | Storwize V7000 (2076) | affected 6.1affected 6.2affected 6.3affected 6.4affected 7.1+13 more versions |
IBM | Storwize V3500 | affected 6.4affected 7.1affected 7.5affected 7.6affected 7.6.1+12 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now