Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Device (Storage)  >   IBM Storwize Vendors:   IBM
IBM Storwize V7000 Unified Samba Bug Lets Remote Authenticated Users Modify Files
SecurityTracker Alert ID:  1028365
SecurityTracker URL:
CVE Reference:   CVE-2013-0454   (Links to External Site)
Date:  Mar 28 2013
Impact:   Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Storwize V7000 Unified ; 1.3.x, 1.4.x
Description:   A vulnerability was reported in IBM Storwize V7000 Unified. A remote authenticated user can modify files on the target share.

A remote authenticated user can exploit a flaw in the Samba implementation to perform operations on the target Storwize V7000 Unified CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares.

Impact:   A remote authenticated user can modify files on the target share.
Solution:   The vendor has issued a fix (Storwize V7000 Unified,

The vendor's advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Access control error

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC