語系:
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004834
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004836
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004837
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004854
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004860
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004861
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004867
嚴重性: High
ID: 84401
檔案名稱: ibm_storwize_1_5_0_2.nasl
版本: 1.10
類型: remote
系列: Misc.
已發布: 2015/6/26
已更新: 2019/11/22
支援的感應器: Nessus
風險因素: Medium
分數: 5.9
風險因素: High
基本分數: 9.3
時間分數: 7.7
媒介: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 評分資料來源: CVE-2014-1557
CPE: cpe:/h:ibm:storwize_unified_v7000, cpe:/h:ibm:storwize_v7000, cpe:/h:ibm:storwize_v5000, cpe:/h:ibm:storwize_v3700, cpe:/h:ibm:storwize_v3500, cpe:/h:ibm:san_volume_controller, cpe:/a:ibm:storwize_v7000_unified_software, cpe:/a:ibm:storwize_v7000_software, cpe:/a:ibm:storwize_v5000_software, cpe:/a:ibm:storwize_v3700_software, cpe:/a:ibm:storwize_v3500_software, cpe:/a:ibm:san_volume_controller_software
必要的 KB 項目: Host/IBM/Storwize/version, Host/IBM/Storwize/machine_major, Host/IBM/Storwize/display_name
可被惡意程式利用: true
可輕鬆利用: Exploits are available
修補程式發佈日期: 2015/7/15
弱點發布日期: 2007/1/3
Core Impact
Metasploit (Apache Struts ClassLoader Manipulation Remote Code Execution)
CVE: CVE-2007-6750, CVE-2013-4286, CVE-2013-4322, CVE-2014-0075, CVE-2014-0094, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0178, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557, CVE-2014-3077, CVE-2014-3493, CVE-2014-4811
BID: 21865, 65767, 65773, 65999, 67667, 67668, 67669, 67671, 67686, 68150, 68814, 68822, 68824, 69771, 69773
CERT: 719225