Vulnerabilities > IBM > Scale OUT Network Attached Storage

DATE CVE VULNERABILITY TITLE RISK
2014-07-19 CVE-2014-3045 Information Exposure vulnerability in IBM Scale OUT Network Attached Storage
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an administrative password in the shell history upon use of the -p option to chuser, which allows local users to obtain sensitive information by leveraging root access.
local
low complexity
ibm CWE-200
2.1
2.1
2013-04-07 CVE-2012-0706 Permissions, Privileges, and Access Controls vulnerability in IBM Scale OUT Network Attached Storage 1.3
IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to obtain sensitive server information by leveraging root access to a client machine.
network
ibm CWE-264
3.5
3.5
2012-07-30 CVE-2012-2163 Permissions, Privileges, and Access Controls vulnerability in IBM Scale OUT Network Attached Storage 1.1/1.3.1
IBM Scale Out Network Attached Storage (SONAS) 1.1 through 1.3.1 allows remote authenticated administrators to execute arbitrary Linux commands via the (1) Command Line Interface or (2) Graphical User Interface, related to a "code injection" issue.
network
low complexity
ibm CWE-264
critical
 9.0
9.0