Detections
Analytics

IBM Storwize V7000 Unified Service Account Unspecified Local Privilege Escalation

medium Nessus Plugin ID 76767

Language:

Synopsis

The remote host is affected by an unspecified local privilege escalation vulnerability.

Description

The remote host is affected by an unspecified local privilege escalation vulnerability that can be exploited through an IBM service account on the device.

Note that Nessus has not checked if the remote device has been patched. The device should be checked manually to confirm if the host is vulnerable.

Solution

Upgrade to version 1.4.3.3 or higher.

See Also

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004811

Plugin Details

Severity: Medium

ID: 76767

File Name: ibm_storwize_cve_2014_3043.nasl

Version: 1.6

Type: remote

Family: Misc.

Published: 7/24/2014

Updated: 7/12/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/h:ibm:storwize_unified_v7000, cpe:/a:ibm:storwize_unified_v7000_software

Exploit Ease: No known exploits are available

Patch Publication Date: 7/15/2014

Vulnerability Publication Date: 7/15/2014

Reference Information

CVE: CVE-2014-3043

BID: 68698