CVE-2014-0860 in Integrated Management Moduleinfo

Zusammenfassung (Englisch)

The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

06.01.2014

Veröffentlichung

07.07.2014

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

IDSchwachstelleCWEAusMasCVE
70274IBM Integrated Management Module schwache Verschlüsselung310Nicht definiertOffizieller FixCVE-2014-0860

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!