Lucene search

[email protected]CVE-2013-4030

HistoryJan 21, 2014 - 1:55 a.m.

CVE-2013-4030

2014-01-2101:55:03

CWE-310

[email protected]

web.nvd.nist.gov

ibm

system x

flex system

servers

ssl

vulnerability

nvd

cve-2013-4030

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

49.3%

JSON

Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.

Affected configurations

NVD

Node

ibmintegrated_management_module_2Match1.00

ibmintegrated_management_module_2Match2.00

AND

ibmbladecenterMatchhs23

ibmbladecenterMatchhs23e

ibmflex_system_manager_node_7955Match-

ibmflex_system_manager_node_8731Match-

ibmflex_system_manager_node_8734Match-

ibmflex_system_x220_compute_nodeMatch-

ibmflex_system_x240_compute_nodeMatch-

ibmflex_system_x440_compute_nodeMatch-

ibmsystem_x_idataplex_direct_water_cooled_dx360_m4_serverMatch-

ibmsystem_x_idataplex_dx360_m4_serverMatch-

ibmsystem_x3100_m4Match-

ibmsystem_x3250_m4Match-

ibmsystem_x3300_m4Match-

ibmsystem_x3500_m2Match-

ibmsystem_x3500_m3Match-

ibmsystem_x3500_m4Match-

ibmsystem_x3530_m4Match-

ibmsystem_x3550_m2Match-

ibmsystem_x3550_m3Match-

ibmsystem_x3550_m4Match-

ibmsystem_x3630_m3Match-

ibmsystem_x3630_m4Match-

ibmsystem_x3630_m4_hdMatch-

ibmsystem_x3650_m2Match-

ibmsystem_x3650_m3Match-

ibmsystem_x3650_m4Match-

ibmsystem_x3650_m4_hdMatch-

ibmsystem_x3690_x5Match-

ibmsystem_x3750_m4Match-

ibmsystem_x3850_x5Match-

ibmsystem_x3950_x5Match-

VendorProductVersionCPE
ibmsystem_x3690_x5-cpe:/h:ibm:system_x3690_x5:-:::
ibmsystem_x3530_m4-cpe:/h:ibm:system_x3530_m4:-:::
ibmsystem_x3650_m3-cpe:/h:ibm:system_x3650_m3:-:::
ibmsystem_x3500_m2-cpe:/h:ibm:system_x3500_m2:-:::
ibmsystem_x_idataplex_direct_water_cooled_dx360_m4_server-cpe:/h:ibm:system_x_idataplex_direct_water_cooled_dx360_m4_server:-:::
ibmintegrated_management_module_21.00cpe:/h:ibm:integrated_management_module_2:1.00:::
ibmsystem_x3500_m4-cpe:/h:ibm:system_x3500_m4:-:::
ibmsystem_x3950_x5-cpe:/h:ibm:system_x3950_x5:-:::
ibmsystem_x3630_m4-cpe:/h:ibm:system_x3630_m4:-:::
ibmsystem_x3650_m4_hd-cpe:/h:ibm:system_x3650_m4_hd:-:::

Vendor	Product	Version	CPE
ibm	system_x3690_x5	-	cpe:/h:ibm:system_x3690_x5:-:::
ibm	system_x3530_m4	-	cpe:/h:ibm:system_x3530_m4:-:::
ibm	system_x3650_m3	-	cpe:/h:ibm:system_x3650_m3:-:::
ibm	system_x3500_m2	-	cpe:/h:ibm:system_x3500_m2:-:::
ibm	system_x_idataplex_direct_water_cooled_dx360_m4_server	-	cpe:/h:ibm:system_x_idataplex_direct_water_cooled_dx360_m4_server:-:::
ibm	integrated_management_module_2	1.00	cpe:/h:ibm:integrated_management_module_2:1.00:::
ibm	system_x3500_m4	-	cpe:/h:ibm:system_x3500_m4:-:::
ibm	system_x3950_x5	-	cpe:/h:ibm:system_x3950_x5:-:::
ibm	system_x3630_m4	-	cpe:/h:ibm:system_x3630_m4:-:::
ibm	system_x3650_m4_hd	-	cpe:/h:ibm:system_x3650_m4_hd:-:::

Rows per page:

1-10 of 331

References

www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301

exchange.xforce.ibmcloud.com/vulnerabilities/86068

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

49.3%

JSON

Related for CVE-2013-4030

cvelist1 ibm1 prion1 nvd1