IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Storwize_v7000_firmware | Ibm | 6.1.0.0 (including) | 7.5.0.14 (excluding) |
Storwize_v7000_firmware | Ibm | 7.7.0.0 (including) | 7.7.1.9 (excluding) |
Storwize_v7000_firmware | Ibm | 7.8.0.0 (including) | 7.8.1.6 (excluding) |
Storwize_v7000_firmware | Ibm | 8.1.1.0 (including) | 8.1.1.2 (excluding) |
Storwize_v7000_firmware | Ibm | 8.1.2.0 (including) | 8.1.2.1 (excluding) |