{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T12:16:49.347","vulnerabilities":[{"cve":{"id":"CVE-2018-1822","sourceIdentifier":"psirt@us.ibm.com","published":"2018-10-18T15:29:00.573","lastModified":"2024-11-21T04:00:27.423","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the ability to remotely change the superuser password. This can be used by an attacker to gain administrative control or to deny service. IBM X-Force ID: 150296."},{"lang":"es","value":"La interfaz de IBM FlashSystem 900 permite que un ataque especialmente manipulado omita los requisitos de autenticación del sistema, lo que resulta en la capacidad de cambiar remotamente la contraseña de superusuario. Esto puede ser empleado por un atacante para obtener el control administrativo o denegar el servicio. IBM X-Force ID: 150296."}],"metrics":{"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:flashsystem_900_firmware:1.4:*:*:*:*:*:*:*","matchCriteriaId":"A71F19FE-AE53-46FB-A85B-CF58CD656212"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:flashsystem_900:*:*:*:*:*:*:*:*","matchCriteriaId":"E2328068-EE36-499F-A0C0-D0586B77CF78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:flashsystem_840_firmware:1.4:*:*:*:*:*:*:*","matchCriteriaId":"705DFEB9-D49F-48D4-9709-A5BC9B733FB6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:flashsystem_840:*:*:*:*:*:*:*:*","matchCriteriaId":"44640654-F291-459F-B00F-589B45939023"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=ibm10732962","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/150296","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"http://www.ibm.com/support/docview.wss?uid=ibm10732962","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/150296","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]}]}}]}