CVE-2013-4038
https://notcve.org/view.php?id=CVE-2013-4038
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file. La implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, y System x3###, utiliza texto claro para el almacenamiento de contraseñas, lo que permite a atacantes, según el contexto, obtener información confidencial mediante la lectura de un archivo. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86174 • CWE-310: Cryptographic Issues •
CVE-2013-4037
https://notcve.org/view.php?id=CVE-2013-4037
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack. El protocolo RAKP soportado en la implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, and System x3###, envía una contraseña hash al cliente, lo que hace que sea más fácil para los atacantes remotos obtener acceso a través de un ataque de fuerza bruta. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86173 •