CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0CVE-2013-4037
https://notcve.org/view.php?id=CVE-2013-4037
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack. El protocolo RAKP soportado en la implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, and System x3###, envía una contraseña hash al cliente, lo que hace que sea más fácil para los atacantes remotos obtener acceso a través de un ataque de fuerza bruta. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86173 •
CVSS: 4.0EPSS: 0%CPEs: 34EXPL: 0CVE-2013-4038
https://notcve.org/view.php?id=CVE-2013-4038
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file. La implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, y System x3###, utiliza texto claro para el almacenamiento de contraseñas, lo que permite a atacantes, según el contexto, obtener información confidencial mediante la lectura de un archivo. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86174 • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 42%CPEs: 38EXPL: 4CVE-2010-2656 – IBM Bladecenter Management - Multiple Web Application Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-2656
The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) logs or (2) core files via direct requests, as demonstrated by a request for private/sdc.tgz. El BladeCenter de IBM con Advanced Management Module (AMM) firmware build ID BPET48L, y posiblemente otras versiones anteriores a v4.7 y v5.0, almacena información sensible bajo la raíz web con insuficiente control de acceso, lo cual permite a los atacantes remotos descargar (1) logs o (2) archivos del núcleo mediante una petición directa, como se ha demostrado mediante una petición para private/sdc.tgz. • https://www.exploit-db.com/exploits/14237 http://dsecrg.com/pages/vul/show.php?id=154 http://osvdb.org/66123 http://www.exploit-db.com/exploits/14237 http://www.securityfocus.com/bid/41383 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 40EXPL: 4CVE-2010-2654 – IBM Bladecenter Management - Multiple Web Application Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-2654
Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allow remote attackers to inject arbitrary web script or HTML via the (1) INDEX or (2) IPADDR parameter to private/cindefn.php, (3) the domain parameter to private/power_management_policy_options.php, the slot parameter to (4) private/pm_temp.php or (5) private/power_module.php, (6) the WEBINDEX parameter to private/blade_leds.php, or (7) the SLOT parameter to private/ipmi_bladestatus.php. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en el BladeCenter de IBM con Advanced Management Module (AMM) firmware build ID BPET48L, y posiblemente otras versiones anteriores a v4.7 y v5.0, permiten a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro (1) INDEX o (2) IPADDR a private/cindefn.php, (3) el parámetro dominio a private/power_management_policy_options.php, el parámetro slot a (4) private/pm_temp.php o (5) private/power_module.php, (6) el parámetro WEBINDEX a private/blade_leds.php, o (7) el parámetro SLOT a private/ipmi_bladestatus.php. • https://www.exploit-db.com/exploits/14237 http://dsecrg.com/pages/vul/show.php?id=154 http://osvdb.org/66122 http://osvdb.org/66125 http://osvdb.org/66126 http://osvdb.org/66127 http://osvdb.org/66128 http://osvdb.org/66129 http://osvdb.org/66130 http://www.exploit-db.com/exploits/14237 http://www.securityfocus.com/bid/41383 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 30%CPEs: 38EXPL: 4CVE-2010-2655 – IBM Bladecenter Management - Multiple Web Application Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-2655
Directory traversal vulnerability in private/file_management.php on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allows remote authenticated users to list arbitrary directories and possibly have unspecified other impact via a .. (dot dot) in the DIR parameter. Vulnerabilidad de salto de directorio en private/file_management.php en el BladeCenter de IBM con el Advanced Management Module (AMM) firmware build ID BPET48L, y posiblemente otras versiones antes de v4.7 y v5.0, permite a usuarios remotos autenticados listar directorios a su elección y posiblemente tener otro impacto no especificado a través de un .. (punto punto) en el parámetro DIR. • https://www.exploit-db.com/exploits/14237 http://dsecrg.com/pages/vul/show.php?id=154 http://osvdb.org/66124 http://www.exploit-db.com/exploits/14237 http://www.securityfocus.com/bid/41383 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •