Apr 24, 2018 9:00 am EDT
Categorized: High Severity
Share this post:
There are vulnerabilities in GNU Bash to which the IBM FlashSystem™ V840 is susceptible. An exploit of these vulnerabilities (CVE-2016-0634, CVE-2016-7543, CVE-2016-9401) could make the system susceptible to an attack which could allow an attacker to execute arbitrary code and commands on the system or bypass the restricted shell.
CVE(s): CVE-2016-0634, CVE-2016-7543, CVE-2016-9401
Affected product(s) and affected version(s):
Storage Node machine type and models (MTMs) affected: 9840-AE1 and 9843-AE1
Controller Node MTMs affected: 9846-AC0, 9848-AC0, 9846-AC1, and 9848-AC1
Supported storage node code versions which are affected
· VRMFs prior to 1.3.0.9
· VRMFs prior to 1.4.8.0
Supported controller node code versions which are affected
· VRMFs prior to 7.6.1.9
· VRMFs prior to 7.7.1.9
· VRMFs prior to 7.8.1.6
· VRMFs prior to 8.1.0.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ssg1S1012284
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/121373
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/121372
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/122314
from IBM Product Security Incident Response Team https://ift.tt/2JiBhSs
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.