CVE-2014-4811
Summary
| CVE | CVE-2014-4811 |
|---|---|
| State | PUBLISHED |
| Assigner | ibm |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-09-12 01:55:07 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | San Volume Controller Software | 6.1.0.0 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.10 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.4 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.5 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.6 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.7 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.8 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.1.0.9 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.0 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.4 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.5 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.2.0.6 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.0 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.4 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.5 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.6 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.3.0.7 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.0.0 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.0.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.0.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.0.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.0.4 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.4 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.5 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.6 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.7 | All | All | All |
| Application | Ibm | San Volume Controller Software | 6.4.1.8 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.0 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.5 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.6 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.1.0.7 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.0 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.1 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.2 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.3 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.4 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.5 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.6 | All | All | All |
| Application | Ibm | San Volume Controller Software | 7.2.0.7 | All | All | All |
| Hardware | Ibm | Storwize V3500 | - | All | All | All |
| Hardware | Ibm | Storwize V3700 | - | All | All | All |
| Hardware | Ibm | Storwize V5000 | - | All | All | All |
| Hardware | Ibm | Storwize V7000 | - | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM notice: The page you requested cannot be displayed | af854a3a-2127-422b-91ae-364da2661108 | www.ibm.com | Patch, Vendor Advisory |
| About Secunia Research | Flexera | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| IBM V7000 Unified CVE-2014-4811 Security Bypass Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.