CVSS: 10.0EPSS: 0%CPEs: 42EXPL: 0CVE-2014-4752
https://notcve.org/view.php?id=CVE-2014-4752
IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. Switches IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, y G8264-T anterior a 7.9.10.0; Switches EN4093, EN4093R, CN4093, SI4093, EN2092, y G8264CS anterior a 7.8.6.0; Flex System Interconnect Fabric anterior a 7.8.6.0; Switch 1G L2-7 SLB para Bladecenter anterior a 21.0.21.0; 10G VFSM para Bladecenter anterior a 7.8.14.0; Switch 1:10G para Bladecenter anterior a 7.4.8.0; Switch 1G para Bladecenter anterior a 5.3.5.0; Server Connectivity Module anterior a 1.1.3.4; System Networking RackSwitch G8332 anterior a 7.7.17.0; y System Networking RackSwitch G8000 anterior a 7.1.7.0 tienen credenciales embebidas, lo que facilita a atacantes remotos obtener acceso a través de vectores no especificados. • http://secunia.com/advisories/54512 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096232 •
CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-0897
https://notcve.org/view.php?id=CVE-2014-0897
The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors. El componente Configuration Patterns en IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, y 1.3.1.x utiliza un algoritmo débil en un paso de la codificación durante la creación de una cuenta Chassis Management Module (CMM), lo que facilita a usuarios remotos autenticados vencer los mecanismos de protección criptográficos a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT03824 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153 https://exchange.xforce.ibmcloud.com/vulnerabilities/91395 • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5423
https://notcve.org/view.php?id=CVE-2013-5423
IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors. IBM Flex System Manager (FSM) 1.1 hasta 1.3 anterior a 1.3.2.0 permite a atacantes remotos enumerar cuentas de usuarios a través de vectores no especificados. • http://secunia.com/advisories/58948 http://www-01.ibm.com/support/docview.wss?uid=swg1IT00278 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095891 http://www.securityfocus.com/bid/68370 https://exchange.xforce.ibmcloud.com/vulnerabilities/87485 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 143EXPL: 0CVE-2014-0880
https://notcve.org/view.php?id=CVE-2014-0880
IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrative IP address. IBM SAN Volume Controller; Storwize V3500, V3700, V5000 y V7000; y Flex System V7000 con software 6.3 y 6.4 anterior a 6.4.1.8 y 7.1 y 7.2 anterior a 7.2.0.3, permite a atacantes remotos obtener acceso CLI, y como consecuencia causar una denegación de servicio, a través de trafico no especificado hacia la dirección IP administrativa. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004570 https://exchange.xforce.ibmcloud.com/vulnerabilities/91145 •
CVSS: 4.3EPSS: 0%CPEs: 33EXPL: 0CVE-2013-4030
https://notcve.org/view.php?id=CVE-2013-4030
Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic. Integrated Management Module (IMM) 2 1.00 hasta 2.00 de los servidores IBM System X y Flex System soporta conjuntos de cifrado SSL con claves cortas, lo que hace que sea más fácil para los atacantes remotos romper la proteccion criptografica de los mecanismos de de cifrado a través de (1) un ataque de fuerza bruta contra SSL o (2) El tráfico TLS. • http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301 https://exchange.xforce.ibmcloud.com/vulnerabilities/86068 • CWE-310: Cryptographic Issues •