Strix
26.1K

CVE-2014-0880

UnknownEPSS 1.90%

Last modified

CVE-2014-0880 is a vulnerability of currently unknown severity. IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrative IP address.. EPSS estimates a 1.90% chance of exploitation in the next 30 days.

Description

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrative IP address.

Metrics

EPSS Probability
1.90%

77.0th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
IbmStorwize V7000 Software6.3.0.0
IbmStorwize V7000 Software6.3.0.1
IbmStorwize V7000 Software6.3.0.2
IbmStorwize V7000 Software6.3.0.3
IbmStorwize V7000 Software6.3.0.4
IbmStorwize V7000 Software6.3.0.5
IbmStorwize V7000 Software6.3.0.6
IbmStorwize V7000 Software6.3.0.7
IbmStorwize V7000 Software6.4.0.0
IbmStorwize V7000 Software6.4.0.1
IbmStorwize V7000 Software6.4.0.2
IbmStorwize V7000 Software6.4.0.3
IbmStorwize V7000 Software6.4.0.4
IbmStorwize V7000 Software6.4.1.1
IbmStorwize V7000 Software6.4.1.2
IbmStorwize V7000 Software6.4.1.3
IbmStorwize V7000 Software6.4.1.4
IbmStorwize V7000 Software6.4.1.5
IbmStorwize V7000 Software6.4.1.6
IbmStorwize V7000 Software6.4.1.7
IbmStorwize V7000 Software7.1.0.0
IbmStorwize V7000 Software7.1.0.1
IbmStorwize V7000 Software7.1.0.2
IbmStorwize V7000 Software7.1.0.3
IbmStorwize V7000 Software7.1.0.5
IbmStorwize V7000 Software7.1.0.6
IbmStorwize V7000 Software7.1.0.7
IbmStorwize V7000 Software7.2.0.0
IbmStorwize V7000 Software7.2.0.1
IbmStorwize V7000 Software7.2.0.2
IbmStorwize V7000All versions
IbmFlex System V7000 Software6.4.1.2
IbmFlex System V7000 Software6.4.1.3
IbmFlex System V7000 Software6.4.1.4
IbmFlex System V7000 Software6.4.1.5
IbmFlex System V7000 Software6.4.1.6
IbmFlex System V7000 Software6.4.1.7
IbmFlex System V7000 Software7.1.0.1
IbmFlex System V7000 Software7.1.0.2
IbmFlex System V7000 Software7.1.0.3
IbmFlex System V7000 Software7.1.0.5
IbmFlex System V7000 Software7.1.0.6
IbmFlex System V7000 Software7.1.0.7
IbmFlex System V7000 Software7.2.0.0
IbmFlex System V7000 Software7.2.0.1
IbmFlex System V7000 Software7.2.0.2
IbmFlex System V7000All versions
IbmStorwize V3700 Software6.4.1.0
IbmStorwize V3700 Software6.4.1.1
IbmStorwize V3700 Software6.4.1.2

Showing 50 of 143 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2014-0880?
IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrative IP address.
How severe is CVE-2014-0880?
Severity scoring for CVE-2014-0880 is pending analysis. The EPSS model estimates a 1.90% probability of exploitation in the next 30 days.
How do I fix CVE-2014-0880?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-0880?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST