CVE-2018-1466: Weak Encryption
First published: Thu May 17 2018(Updated: )
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Storwize V7000 Firmware | >=6.1.0.0<7.5.0.14 | |
| Ibm Storwize V7000 Firmware | >=7.7.0.0<7.7.1.9 | |
| Ibm Storwize V7000 Firmware | >=7.8.0.0<7.8.1.6 | |
| Ibm Storwize V7000 Firmware | >=8.1.1.0<8.1.1.2 | |
| Ibm Storwize V7000 Firmware | >=8.1.2.0<8.1.2.1 | |
| IBM Storwize V7000 | ||
| Ibm Storwize V5000 Firmware | >=6.1.0.0<7.5.0.14 | |
| Ibm Storwize V5000 Firmware | >=7.7.0.0<7.7.1.9 | |
| Ibm Storwize V5000 Firmware | >=7.8.0.0<7.8.1.6 | |
| Ibm Storwize V5000 Firmware | >=8.1.1.0<8.1.1.2 | |
| Ibm Storwize V5000 Firmware | >=8.1.2.0<8.1.2.1 | |
| Ibm Storwize V5000 | ||
| Ibm Storwize V3700 Firmware | >=6.1.0.0<7.5.0.14 | |
| Ibm Storwize V3700 Firmware | >=7.7.0.0<7.7.1.9 | |
| Ibm Storwize V3700 Firmware | >=7.8.0.0<7.8.1.6 | |
| Ibm Storwize V3700 Firmware | >=8.1.1.0<8.1.1.2 | |
| Ibm Storwize V3700 Firmware | >=8.1.2.0<8.1.2.1 | |
| Ibm Storwize V3700 | ||
| Ibm Storwize V3500 Firmware | >=6.1.0.0<7.5.0.14 | |
| Ibm Storwize V3500 Firmware | >=7.7.0.0<7.7.1.9 | |
| Ibm Storwize V3500 Firmware | >=7.8.0.0<7.8.1.6 | |
| Ibm Storwize V3500 Firmware | >=8.1.1.0<8.1.1.2 | |
| Ibm Storwize V3500 Firmware | >=8.1.2.0<8.1.2.1 | |
| Ibm Storwize V3500 | ||
| Ibm Storwize V9000 Firmware | >=6.1.0.0<7.5.0.14 | |
| Ibm Storwize V9000 Firmware | >=7.7.0.0<7.7.1.9 | |
| Ibm Storwize V9000 Firmware | >=7.8.0.0<7.8.1.6 | |
| Ibm Storwize V9000 Firmware | >=8.1.1.0<8.1.1.2 | |
| Ibm Storwize V9000 Firmware | >=8.1.2.0<8.1.2.1 | |
| Ibm Storwize V9000 | ||
| Ibm San Volume Controller Firmware | >=6.1.0.0<7.5.0.14 | |
| Ibm San Volume Controller Firmware | >=7.7.0.0<7.7.1.9 | |
| Ibm San Volume Controller Firmware | >=7.8.0.0<7.8.1.6 | |
| Ibm San Volume Controller Firmware | >=8.1.1.0<8.1.1.2 | |
| Ibm San Volume Controller Firmware | >=8.1.2.0<8.1.2.1 | |
| IBM SAN Volume Controller | ||
| IBM Spectrum Virtualize | >=6.1.0.0<7.5.0.14 | |
| IBM Spectrum Virtualize | >=7.7.0.0<7.7.1.9 | |
| IBM Spectrum Virtualize | >=7.8.0.0<7.8.1.6 | |
| IBM Spectrum Virtualize | >=8.1.1.0<8.1.1.2 | |
| IBM Spectrum Virtualize | >=8.1.2.0<8.1.2.1 | |
| Ibm Spectrum Virtualize For Public Cloud | >=6.1.0.0<7.5.0.14 | |
| Ibm Spectrum Virtualize For Public Cloud | >=7.7.0.0<7.7.1.9 | |
| Ibm Spectrum Virtualize For Public Cloud | >=7.8.0.0<7.8.1.6 | |
| Ibm Spectrum Virtualize For Public Cloud | >=8.1.1.0<8.1.1.2 | |
| Ibm Spectrum Virtualize For Public Cloud | >=8.1.2.0<8.1.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/event
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm storwize v7000 firmware
- version/ibm storwize v7000 firmware/6.1.0.0
- version/ibm storwize v7000 firmware/7.7.0.0
- version/ibm storwize v7000 firmware/7.8.0.0
- version/ibm storwize v7000 firmware/8.1.1.0
- version/ibm storwize v7000 firmware/8.1.2.0
- canonical/ibm storwize v7000
- canonical/ibm storwize v5000 firmware
- version/ibm storwize v5000 firmware/6.1.0.0
- version/ibm storwize v5000 firmware/7.7.0.0
- version/ibm storwize v5000 firmware/7.8.0.0
- version/ibm storwize v5000 firmware/8.1.1.0
- version/ibm storwize v5000 firmware/8.1.2.0
- canonical/ibm storwize v5000
- canonical/ibm storwize v3700 firmware
- version/ibm storwize v3700 firmware/6.1.0.0
- version/ibm storwize v3700 firmware/7.7.0.0
- version/ibm storwize v3700 firmware/7.8.0.0
- version/ibm storwize v3700 firmware/8.1.1.0
- version/ibm storwize v3700 firmware/8.1.2.0
- canonical/ibm storwize v3700
- canonical/ibm storwize v3500 firmware
- version/ibm storwize v3500 firmware/6.1.0.0
- version/ibm storwize v3500 firmware/7.7.0.0
- version/ibm storwize v3500 firmware/7.8.0.0
- version/ibm storwize v3500 firmware/8.1.1.0
- version/ibm storwize v3500 firmware/8.1.2.0
- canonical/ibm storwize v3500
- canonical/ibm storwize v9000 firmware
- version/ibm storwize v9000 firmware/6.1.0.0
- version/ibm storwize v9000 firmware/7.7.0.0
- version/ibm storwize v9000 firmware/7.8.0.0
- version/ibm storwize v9000 firmware/8.1.1.0
- version/ibm storwize v9000 firmware/8.1.2.0
- canonical/ibm storwize v9000
- canonical/ibm san volume controller firmware
- version/ibm san volume controller firmware/6.1.0.0
- version/ibm san volume controller firmware/7.7.0.0
- version/ibm san volume controller firmware/7.8.0.0
- version/ibm san volume controller firmware/8.1.1.0
- version/ibm san volume controller firmware/8.1.2.0
- canonical/ibm san volume controller
- canonical/ibm spectrum virtualize
- version/ibm spectrum virtualize/6.1.0.0
- version/ibm spectrum virtualize/7.7.0.0
- version/ibm spectrum virtualize/7.8.0.0
- version/ibm spectrum virtualize/8.1.1.0
- version/ibm spectrum virtualize/8.1.2.0
- canonical/ibm spectrum virtualize for public cloud
- version/ibm spectrum virtualize for public cloud/6.1.0.0
- version/ibm spectrum virtualize for public cloud/7.7.0.0
- version/ibm spectrum virtualize for public cloud/7.8.0.0
- version/ibm spectrum virtualize for public cloud/8.1.1.0
- version/ibm spectrum virtualize for public cloud/8.1.2.0