CVE-2018-1775

medium

Description

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757.

References

https://www.ibm.com/support/docview.wss?uid=ibm10872486

https://exchange.xforce.ibmcloud.com/vulnerabilities/148757

http://www.securityfocus.com/bid/107187

Details

Source: Mitre, NVD

Published: 2019-02-27

Updated: 2019-10-09

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N