For those that don't know, an HP MSA2000 is a baby SAN - a small business storage array.
There's not a lot of info in that post, and I don't see any other posts in the thread. This is an issue if it can be accessed remotely, but not a big deal if it requires a console cable.
Even if it CAN be accessed remotely, it shouldn't be as big an issue as you'd think. SANs are usually not connected to the Internet and the management ports should be set on separate management VLANs. The number of SAN installs I've seen where the SAN engineer installing it left the passwords at the default and the customer never changed them is mind-boggling, anyway.
Not to take away from the importance of something like this, but it's not as severe as say, a remote-root exploit in Linux.
There's not a lot of info in that post, and I don't see any other posts in the thread. This is an issue if it can be accessed remotely, but not a big deal if it requires a console cable.
Even if it CAN be accessed remotely, it shouldn't be as big an issue as you'd think. SANs are usually not connected to the Internet and the management ports should be set on separate management VLANs. The number of SAN installs I've seen where the SAN engineer installing it left the passwords at the default and the customer never changed them is mind-boggling, anyway.
Not to take away from the importance of something like this, but it's not as severe as say, a remote-root exploit in Linux.