Insecure Default X.509 Certificate Authentication in IBM XIV Storage System Gen3

Insecure Default X.509 Certificate Authentication in IBM XIV Storage System Gen3

CVE-2012-4829 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 certificate for authentication, which allows man-in-the-middle attackers to spoof servers by leveraging an inappropriate certificate-trust relationship.

Learn more about our Cis Benchmark Audit For Server Software.