CVE-2010-2656
IBM Bladecenter Management - Multiple Web Application Vulnerabilities
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
4
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) logs or (2) core files via direct requests, as demonstrated by a request for private/sdc.tgz.
El BladeCenter de IBM con Advanced Management Module (AMM) firmware build ID BPET48L, y posiblemente otras versiones anteriores a v4.7 y v5.0, almacena información sensible bajo la raíz web con insuficiente control de acceso, lo cual permite a los atacantes remotos descargar (1) logs o (2) archivos del núcleo mediante una petición directa, como se ha demostrado mediante una petición para private/sdc.tgz.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-07-06 First Exploit
- 2010-07-07 CVE Reserved
- 2010-07-07 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/66123 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/14237 | 2010-07-06 | |
| http://dsecrg.com/pages/vul/show.php?id=154 | 2024-08-07 | |
| http://www.exploit-db.com/exploits/14237 | 2024-08-07 | |
| http://www.securityfocus.com/bid/41383 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | <= 2.48 Search vendor "Ibm" for product "Advanced Management Module" and version " <= 2.48" | l |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.00 Search vendor "Ibm" for product "Advanced Management Module" and version "1.00" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.01 Search vendor "Ibm" for product "Advanced Management Module" and version "1.01" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.20 Search vendor "Ibm" for product "Advanced Management Module" and version "1.20" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.20 Search vendor "Ibm" for product "Advanced Management Module" and version "1.20" | f |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.25 Search vendor "Ibm" for product "Advanced Management Module" and version "1.25" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.25 Search vendor "Ibm" for product "Advanced Management Module" and version "1.25" | e |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.25 Search vendor "Ibm" for product "Advanced Management Module" and version "1.25" | i |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.26 Search vendor "Ibm" for product "Advanced Management Module" and version "1.26" | b |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.26 Search vendor "Ibm" for product "Advanced Management Module" and version "1.26" | e |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.26 Search vendor "Ibm" for product "Advanced Management Module" and version "1.26" | h |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.26 Search vendor "Ibm" for product "Advanced Management Module" and version "1.26" | i |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.26 Search vendor "Ibm" for product "Advanced Management Module" and version "1.26" | k |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.28 Search vendor "Ibm" for product "Advanced Management Module" and version "1.28" | g |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.32 Search vendor "Ibm" for product "Advanced Management Module" and version "1.32" | d |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.34 Search vendor "Ibm" for product "Advanced Management Module" and version "1.34" | b |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.34 Search vendor "Ibm" for product "Advanced Management Module" and version "1.34" | e |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36 Search vendor "Ibm" for product "Advanced Management Module" and version "1.36" | d |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36 Search vendor "Ibm" for product "Advanced Management Module" and version "1.36" | g |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36 Search vendor "Ibm" for product "Advanced Management Module" and version "1.36" | h |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.36 Search vendor "Ibm" for product "Advanced Management Module" and version "1.36" | k |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.42 Search vendor "Ibm" for product "Advanced Management Module" and version "1.42" | d |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.42 Search vendor "Ibm" for product "Advanced Management Module" and version "1.42" | f |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.42 Search vendor "Ibm" for product "Advanced Management Module" and version "1.42" | i |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.42 Search vendor "Ibm" for product "Advanced Management Module" and version "1.42" | n |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.42 Search vendor "Ibm" for product "Advanced Management Module" and version "1.42" | o |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 1.42 Search vendor "Ibm" for product "Advanced Management Module" and version "1.42" | t |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.46 Search vendor "Ibm" for product "Advanced Management Module" and version "2.46" | c |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.46 Search vendor "Ibm" for product "Advanced Management Module" and version "2.46" | j |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.48 Search vendor "Ibm" for product "Advanced Management Module" and version "2.48" | c |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.48 Search vendor "Ibm" for product "Advanced Management Module" and version "2.48" | d |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.48 Search vendor "Ibm" for product "Advanced Management Module" and version "2.48" | g |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.48 Search vendor "Ibm" for product "Advanced Management Module" and version "2.48" | n |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.50 Search vendor "Ibm" for product "Advanced Management Module" and version "2.50" | c |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.50 Search vendor "Ibm" for product "Advanced Management Module" and version "2.50" | g |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.50 Search vendor "Ibm" for product "Advanced Management Module" and version "2.50" | k |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Advanced Management Module Search vendor "Ibm" for product "Advanced Management Module" | 2.50 Search vendor "Ibm" for product "Advanced Management Module" and version "2.50" | p |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | * | - |
Safe
|