CVSS: 7.5EPSS: 3%CPEs: 35EXPL: 2CVE-2010-1460 – IBM Bladecenter Management Module - Denial of Service
https://notcve.org/view.php?id=CVE-2010-1460
16 Apr 2010 — The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly perform interrupt sharing for USB and iSCSI, which allows remote attackers to cause a denial of service (management module reboot) via TCP packets with malformed application data. El firmware IBM BladeCenter con Advanced Management Module (AMM) anterior bpet50g no realiza la interrupción compartida adecuadamente para USB y iSCSI, lo que permite a atacantes remotos causar una denegación de servicio (reinicio m... • https://www.exploit-db.com/exploits/12252 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 0CVE-2009-3935
https://notcve.org/view.php?id=CVE-2009-3935
12 Nov 2009 — Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en el firmware de Advanced Management Module, en versiones anteriores a la 2.50G, para el IBM BladeCenter T 8720-2xx y 8730-2xx tienen un impacto y unos vectores de ataque desconocidos. • ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg •
CVSS: 6.1EPSS: 4%CPEs: 30EXPL: 3CVE-2009-1288 – IBM Bladecenter Advanced Management Module 1.42 - '/private/file_Management.ssi?PATH' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-1288
13 Apr 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to inject arbitrary web script or HTML via (1) the username in a login action or (2) the PATH parameter to private/file_management.ssi in the File manager. Varias vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el "Advanced Management Module" (AMM) o módulo de gestión avanzada de BladeCenter de IBM, incl... • https://www.exploit-db.com/exploits/32895 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 30EXPL: 1CVE-2009-1289
https://notcve.org/view.php?id=CVE-2009-1289
13 Apr 2009 — private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter. Vulnerabilidad en private/login.ssi en el "Advanced Management Module" (AMM) o módulo de gestión avanzada de BladeCenter de IBM, incluyendo el BladeCenter H con BPET36H 54, permite a usuarios remotos averiguar los roles de acceso y el "scope" (alcance) de cue... • http://osvdb.org/53659 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 2CVE-2009-1290 – IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2009-1290
13 Apr 2009 — Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to hijack the authentication of administrators, as demonstrated by a power-off request to the private/blade_power_action script. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados(CSRF) en la interfaz de administración web en el Módulo de Gestión Avanzada (AMM)... • https://www.exploit-db.com/exploits/32896 • CWE-352: Cross-Site Request Forgery (CSRF) •