Vulnerability in Service Assistance GUI for Lenovo Storage and Storwize Products - lu

Lenovo Security Advisory: LEN-18236

**Potential Impact:**A vulnerability in the Service Assistant GUI could allow a remote attacker to perform a privilege escalation.

Severity: High

Scope of Impact: Lenovo Storage/IBM Storwize

CVE Identifier: CVE-2017-1710

Summary Description:

A vulnerability in the Service Assistant GUI affects Lenovo Storage and Storwize products. The Service Assistant CLI interface is unaffected.

Mitigation Strategy for Customers (what you should do to protect yourself):

Lenovo recommends fixing this vulnerability by upgrading affected versions of Lenovo Storage and Storwize products to code level 8.1.0.1 or higher.

IBM SAN Volume Controller, IBM Storwize family and FlashSystem V9000 products, please refer to the IBM Security Bulletin.