{ "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2019-02-25T00:00:00", "ID": "CVE-2018-1775", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "torwize V7000", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "torwize V3500", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "torwize V3700", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "Spectrum Virtualize for Public Cloud", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "Spectrum Virtualize Software", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "SAN Volume Controller", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "FlashSystem V9000", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "torwize V5000", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } }, { "product_name": "FlashSystem 9100 Family", "version": { "version_data": [ { "version_value": "7.5" }, { "version_value": "8.2" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "L", "AV": "N", "C": "H", "I": "N", "PR": "L", "S": "U", "SCORE": "6.500", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "T" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "107187", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107187" }, { "name": "ibm-storwize-cve20181775-file-download(148757)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/148757" }, { "name": "https://www.ibm.com/support/docview.wss?uid=ibm10872486", "refsource": "CONFIRM", "url": "https://www.ibm.com/support/docview.wss?uid=ibm10872486" } ] } }