TTCSIRT-025.072517: TT-CSIRT Advisory – IBM Security Updates
IBM has issued a high severity security alert stating that the IBM Cisco MDS Series Switches have a vulnerability that could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root or system-level privileges.
This could result in an unauthenticated, remote attacker accessing sensitive information or executing arbitrary code with root privileges on an affected system.
Further information on this vulnerability and how it can be resolved can viewed on the IBM Blog at https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cisco-mds-series-switches-dcnm-is-affected-by-unauthenticated-remote-attacker-vulnerability-cve-2017-6639-cve-2017-6640/ |