2 results (0.004 seconds)

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface. El firmware anterior a 3.66E en IBM BladeCenter Advanced Management Module (AMM), el firmware anterior a 1.43 en IBM Integrated Management Module (IMM), y el firmware anterior a 4.15 en IBM Integrated Management Module II (IMM2) contiene los credenciales IPMI en texto claro, lo que permite a atacantes remotos ejecutar comandos IPMI arbitrarios, y como consecuencia establecer una sesión de control remoto blade, mediante el aprovechamiento del acceso a (1) el chassis internal network o (2) la interfaz 'Ethernet-over-USB'. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840 https://exchange.xforce.ibmcloud.com/vulnerabilities/90880 • CWE-310: Cryptographic Issues •

CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0

The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface. Advanced Management Module (AMM) con firmware 3.64B, 3.64C, y 3.64G para sistemas IBM BladeCenter permite a atacantes remotos descubrir nombres de cuentas y contraseñas a través del uso de una interfaz no especificada. • http://osvdb.org/100397 http://secunia.com/advisories/55921 http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718 http://www.securityfocus.com/bid/64032 https://exchange.xforce.ibmcloud.com/vulnerabilities/89174 • CWE-310: Cryptographic Issues •