In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.
Affected Versions:
maxView Storage Manager v3.00.23484 (January 2019) through v4.14.00.26064 (July 2023), excluding the patched versions provided below.
Exploitation of the vulnerability could potentially result in loss of data by allowing modification of RAID configurations. Additionally, exploitation could potentially result in disclosure of information by providing read access to system files if directory location and file name are known.
The following versions of maxView Storage Manager have either been patched or they are the latest releases where this vulnerability has been resolved moving forward.
It is strongly recommended that all customers upgrade installations of maxView Storage Manager to the patched or current release versions of maxView Storage Manager where this vulnerability has been resolved.
{"SalesForceSecurePath":"https://microchip.my.salesforce-scrt.com","EmbeddedServiceName":"Messaging_For_Microchip","SalesForcePath":"https://microchip.my.site.com/ESWMessagingForMicrochi1755319480924","AgentAvailableHeader":"No problem. Chat with our engineering experts or schedule a call that's convenient for you.","ScheduleCallUrl":"https://microchip.my.site.com/schedulemeetingportal/s/","SalesforceOrgId":"00Do0000000KAkK","JsUrl":"https://microchip.my.site.com/ESWMessagingForMicrochi1755319480924/assets/js/bootstrap.min.js"}
