| CVE-2013-0500 | Date: (C)2013-10-18 (M)2023-12-22 |
IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of service (device crash) via a (1) CIFS, (2) HTTPS, (3) SCP, or (4) SFTP operation.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 5.4 |
| Exploit Score: 5.5 |
| Impact Score: 6.4 |
| |
| CVSS V2 Metrics: |
| Access Vector: NETWORK |
| Access Complexity: MEDIUM |
| Authentication: MULTIPLE |
| Confidentiality: PARTIAL |
| Integrity: PARTIAL |
| Availability: PARTIAL |
| | |
