CVE-2013-4031
https://notcve.org/view.php?id=CVE-2013-4031
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors. La implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, y System x3### tiene una contraseña predeterminada para una cuenta de usuario IPMI, lo que hace más fácil para los atacantes remotos realizar el encendido, apagado, reinicio, o añadir o modificar las cuentas, a través de vectores no especificados. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86172 • CWE-255: Credentials Management Errors •
CVE-2013-4038
https://notcve.org/view.php?id=CVE-2013-4038
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file. La implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, y System x3###, utiliza texto claro para el almacenamiento de contraseñas, lo que permite a atacantes, según el contexto, obtener información confidencial mediante la lectura de un archivo. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86174 • CWE-310: Cryptographic Issues •
CVE-2013-4037
https://notcve.org/view.php?id=CVE-2013-4037
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack. El protocolo RAKP soportado en la implementación Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, and System x3###, envía una contraseña hash al cliente, lo que hace que sea más fácil para los atacantes remotos obtener acceso a través de un ataque de fuerza bruta. • http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463 https://exchange.xforce.ibmcloud.com/vulnerabilities/86173 •