Lucene search

[email protected]CVE-2013-5424

HistoryOct 25, 2013 - 8:55 p.m.

CVE-2013-5424

2013-10-2520:55:03

CWE-264

[email protected]

web.nvd.nist.gov

ibm

flex system manager

fsm

1.3.0

remote attackers

access restrictions

cve-2013-5424

system-level account

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.0%

JSON

IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account.

Affected configurations

NVD

Node

ibmflex_system_managerMatch1.3.0

CPENameOperatorVersion
ibm:flex_system_manageribm flex system managereq1.3.0

CPE	Name	Operator	Version
ibm:flex_system_manager	ibm flex system manager	eq	1.3.0

References

www-01.ibm.com/support/docview.wss?uid=swg1IC96952

www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093938

exchange.xforce.ibmcloud.com/vulnerabilities/87486

7.2 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.0%

JSON

Related for CVE-2013-5424

prion1 nvd1 cvelist1 ibm1