Dec 23, 2017 10:00 am EST
Categorized: High Severity
Share this post:
There is a vulnerability in Apache Struts to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability (CVE-2016-4461) could allow an attacker to execute arbitrary code on the system.
CVE(s): CVE-2016-4461
Affected product(s) and affected version(s):
Storage Node machine type and models (MTMs) affected: 9840-AE1 and 9843-AE1
Controller Node MTMs affected: 9846-AC0, 9848-AC0, 9846-AC1, and 9848-AC1
Supported storage node code versions which are affected
· VRMFs prior to 1.3.0.7
· VRMFs prior to 1.4.5.0
Supported controller node code versions which are affected
· VRMFs prior to 7.5.0.10
· VRMFs prior to 7.6.1.5
· VRMFs prior to 7.7.0.3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2BHnJkk
X-Force Database: http://ift.tt/2l2dAn3
from IBM Product Security Incident Response Team http://ift.tt/2BFkolV
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.