IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote attacker to spoof a trusted system that would not be correctly validated by the Storwize server. This could lead to a user connecting to a malicious host, believing that it was a trusted system and deceived into accepting spoofed data. IBM X-Force ID: 271016.
References
| Link | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/271016 | VDB Entry Vendor Advisory |
| https://www.ibm.com/support/pages/node/7114767 | Vendor Advisory |
Configurations
History
15 Feb 2024, 15:09
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Ibm storage Virtualize
Ibm |
|
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/271016 - VDB Entry, Vendor Advisory | |
| References | () https://www.ibm.com/support/pages/node/7114767 - Vendor Advisory | |
| Summary |
|
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:a:ibm:storage_virtualize:8.6:*:*:*:*:*:*:* |
07 Feb 2024, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-07 17:15
Updated : 2024-02-15 15:09
NVD link : CVE-2023-47700
Mitre link : CVE-2023-47700
CVE.ORG link : CVE-2023-47700
JSON object : View
Products Affected
ibm
- storage_virtualize
CWE
CWE-295
Improper Certificate Validation