CVE-2012-6354

IBM San Volume Controller Software - Authentication Bypass

Title source: rule

Description

The management GUI on the IBM SAN Volume Controller and Storwize V7000 6.x before 6.4.1.3 allows remote attackers to bypass authentication and obtain superuser access via IP packets.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004277

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/80716

Scores

EPSS 0.0011

EPSS Percentile 28.9%

Classification

CWE

CWE-287

Status draft

Affected Products (5)

ibm/san_volume_controller_software

ibm/storwize_v7000

Timeline

Published Feb 19, 2013

Tracked Since Feb 18, 2026