Note: This is an archival copy of Security Sun Alert 200971 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000732.1.
Article ID : 1000732.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-01-24
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

A Limited Number of Sun StorEdge 6130 Arrays May be Vulnerable to Unauthorized Access


Release Phase

Bug Id

Date of Resolved Release


A local or remote unprivileged user may be able to gain unauthorized access to a limited number of Sun StorEdge 6130 arrays (SE6130). With this access, the user could delete data on the array.

Contributing Factors

This issue can occur on the following platform:

  • Sun StorEdge 6130 arrays with a serial number in the range of 0451AWF00G - 0513AWF00J


  1. The described issue only affects Controller Arrays. Expansion trays are not affected.
  2. SE6130 Controller Arrays with serial numbers outside the range above are not impacted by this issue.

The Sun StorEdge Configuration Service (SSCS) commands can be used to determine the serial number of a Sun StorEdge 6130 array as shown in the example below:

1. Login to SSCS using the sscs(1M) comand line utility:

    % /opt/se6x20/cli/bin/sscs login -h <management_host_name> -u <user>

2. To list the array(s) managed by this management host:

    % /opt/se6x20/cli/bin/sscs list array
Array: SE6130-1
Array: SE6130-2
Array: SE6130-3

3. To list the details (including the serial number) of each array:

    % /opt/se6x20/cli/bin/sscs list array <array_name>
Serial Number:             SUN.54062390100.0428AWF006
Firmware Version:
Array WWN:                 60:0A:0B:80:00:16:AB:12:00:00:00:00:41:23:4B:E2
Node WWN:                  20:04:00:A0:B8:16:AB:12
Default Host Type:         Solaris (with Traffic Manager)
Default Cache Block Size:  16384
Default Cache Start %:     80
Default Cache Stop %:      80
Disk Scrubbing:            30 days
Failover Alert Delay:      5 minutes
Hot Spare Pool Disks:      1
Health                     OK
Tray ID:                   1
Host:                      host 1
Pool:                      Pool 1-1
Pool:                      Pool 2
Pool:                      Pool 3
Pool:                      Pool 1
Pool:                      Default

4. Logout of SSCS

    % /opt/se6x20/cli/bin/sscs logout


There are no predictable symptoms that would indicate the described issue has been exploited.


There is no workaround. Please see the "Resolution" section below.


Customers with an array that falls within the serial number range defined above should contact their Sun authorized service provider and reference this Sun Alert to obtain a utility which will resolve this issue.

Modification History

Sun StorageTek 6130 Array

This solution has no attachment