TTCSIRT-025.072517: TT-CSIRT Advisory – IBM Security Updates
IBM has issued a high severity security alert stating that the IBM Cisco MDS Series Switches have a vulnerability that could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root or system-level privileges.
This could result in an unauthenticated, remote attacker accessing sensitive information or executing arbitrary code with root privileges on an affected system.
|Further information on this vulnerability and how it can be resolved can viewed on the IBM Blog at https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cisco-mds-series-switches-dcnm-is-affected-by-unauthenticated-remote-attacker-vulnerability-cve-2017-6639-cve-2017-6640/|