IBM Security Bulletin: Vulnerability in Service Assistant GUI affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-1710)

A vulnerability in the Service Assistant GUI affects IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products. The Service Assistant CLI interface is unaffected.

CVE(s): CVE-2017-1710

Affected product(s) and affected version(s):

IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM FlashSystem V9000

All products are affected when running supported release 8.1.0.0 only. For unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ylzkQe
X-Force Database: http://ift.tt/2AtQ0GR

The post IBM Security Bulletin: Vulnerability in Service Assistant GUI affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-1710) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2ylzlUi