2017-12-13 17:04:27 -05:00
{
2019-02-26 09:37:58 -05:00
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 872486 (SAN Volume Controller)" ,
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872486" ,
"refsource" : "CONFIRM" ,
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872486"
} ,
{
"title" : "X-Force Vulnerability Report" ,
"name" : "ibm-storwize-cve20181775-file-download (148757)" ,
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148757" ,
"refsource" : "XF"
}
]
2017-12-13 17:04:27 -05:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2019-02-26 09:37:58 -05:00
"value" : "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757."
2017-12-13 17:04:27 -05:00
}
]
2019-02-26 09:37:58 -05:00
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
} ,
"product_name" : "torwize V7000"
} ,
{
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
} ,
"product_name" : "torwize V3500"
} ,
{
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
} ,
"product_name" : "torwize V3700"
} ,
{
"product_name" : "Spectrum Virtualize for Public Cloud" ,
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
}
} ,
{
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
} ,
"product_name" : "Spectrum Virtualize Software"
} ,
{
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
} ,
"product_name" : "SAN Volume Controller"
} ,
{
"product_name" : "FlashSystem V9000" ,
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
}
} ,
{
"product_name" : "torwize V5000" ,
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
}
} ,
{
"version" : {
"version_data" : [
{
"version_value" : "7.5"
} ,
{
"version_value" : "8.2"
}
]
} ,
"product_name" : "FlashSystem 9100 Family"
}
]
} ,
"vendor_name" : "IBM"
}
]
}
} ,
"data_version" : "4.0" ,
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com" ,
"STATE" : "PUBLIC" ,
"ID" : "CVE-2018-1775" ,
"DATE_PUBLIC" : "2019-02-25T00:00:00"
} ,
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "H" ,
"AC" : "L" ,
"PR" : "L" ,
"I" : "N" ,
"AV" : "N" ,
"A" : "N" ,
"SCORE" : "6.500" ,
"UI" : "N" ,
"S" : "U"
} ,
"TM" : {
"E" : "U" ,
"RC" : "C" ,
"RL" : "T"
}
}
} ,
"data_format" : "MITRE" ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information" ,
"lang" : "eng"
}
]
}
]
} ,
"data_type" : "CVE"
2017-12-13 17:04:27 -05:00
}
