Xiv Storage System CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2012-2167	1 Ibm	2 Xiv Storage System Gen3, Xiv Storage System Gen3 Firmware	2025-04-11	N/A
The IBM XIV Storage System Gen3 before 11.1.0.a allows remote attackers to cause a denial of service (device outage) via TCP packets to unspecified ports.
CVE-2012-4829	1 Ibm	1 Xiv Storage System Gen3	2025-04-11	N/A
IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 certificate for authentication, which allows man-in-the-middle attackers to spoof servers by leveraging an inappropriate certificate-trust relationship.
CVE-2012-2166	1 Ibm	8 Xiv Storage System 2810-114, Xiv Storage System 2810-114 Firmware, Xiv Storage System 2810-a14 and 5 more	2024-11-21	N/A
IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unknown vectors. IBM X-Force ID: 75041.

Page 1 of 1.