CVE-2009-1289
Severity Score
4.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter.
Vulnerabilidad en private/login.ssi en el "Advanced Management Module" (AMM) o módulo de gestión avanzada de BladeCenter de IBM, incluyendo el BladeCenter H con BPET36H 54, permite a usuarios remotos averiguar los roles de acceso y el "scope" (alcance) de cuentas de usuario arbitrarias a través del parámetro WEBINDEX.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-04-13 CVE Reserved
- 2009-04-13 CVE Published
- 2023-06-01 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/53659 | Vdb Entry | |
| http://securitytracker.com/id?1022025 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/502582/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/34447 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://www.louhinetworks.fi/advisory/ibm_090409.txt | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | e Search vendor "Ibm" for product "Bladecenter" and version "e" | 1881 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | e Search vendor "Ibm" for product "Bladecenter" and version "e" | 7967 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | e Search vendor "Ibm" for product "Bladecenter" and version "e" | 8677 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | h Search vendor "Ibm" for product "Bladecenter" and version "h" | 7989 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | h Search vendor "Ibm" for product "Bladecenter" and version "h" | 8852 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hc10 Search vendor "Ibm" for product "Bladecenter" and version "hc10" | 7996 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs12 Search vendor "Ibm" for product "Bladecenter" and version "hs12" | 1916 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs12 Search vendor "Ibm" for product "Bladecenter" and version "hs12" | 8014 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs12 Search vendor "Ibm" for product "Bladecenter" and version "hs12" | 8028 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs20 Search vendor "Ibm" for product "Bladecenter" and version "hs20" | 1883 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs21 Search vendor "Ibm" for product "Bladecenter" and version "hs21" | 1885 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs21 Search vendor "Ibm" for product "Bladecenter" and version "hs21" | 8853 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs21_xm Search vendor "Ibm" for product "Bladecenter" and version "hs21_xm" | 1915 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | hs21_xm Search vendor "Ibm" for product "Bladecenter" and version "hs21_xm" | 7995 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | ht Search vendor "Ibm" for product "Bladecenter" and version "ht" | 8740 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | ht Search vendor "Ibm" for product "Bladecenter" and version "ht" | 8750 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | js12 Search vendor "Ibm" for product "Bladecenter" and version "js12" | 7998 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | js21 Search vendor "Ibm" for product "Bladecenter" and version "js21" | 7988 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | js21 Search vendor "Ibm" for product "Bladecenter" and version "js21" | 8844 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | js22 Search vendor "Ibm" for product "Bladecenter" and version "js22" | 7998 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | ls20 Search vendor "Ibm" for product "Bladecenter" and version "ls20" | 8850 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | ls21 Search vendor "Ibm" for product "Bladecenter" and version "ls21" | 7971 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | ls41 Search vendor "Ibm" for product "Bladecenter" and version "ls41" | 7972 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | qs21 Search vendor "Ibm" for product "Bladecenter" and version "qs21" | 0792 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | qs22 Search vendor "Ibm" for product "Bladecenter" and version "qs22" | 0793 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | s Search vendor "Ibm" for product "Bladecenter" and version "s" | 1948 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | s Search vendor "Ibm" for product "Bladecenter" and version "s" | 8886 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | t Search vendor "Ibm" for product "Bladecenter" and version "t" | 8720 |
Affected
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36h Search vendor "Ibm" for product "Advanced Management Module" and version "1.36h" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | t Search vendor "Ibm" for product "Bladecenter" and version "t" | 8730 |
Affected
|