Lucene search

[email protected]CVE-2014-4752

HistorySep 23, 2014 - 10:55 p.m.

CVE-2014-4752

2014-09-2322:55:03

[email protected]

web.nvd.nist.gov

ibm

system networking

switches

hardcoded credentials

vulnerability

security

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.4%

JSON

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.

Affected configurations

NVD

Node

ibmsystem_networking_rackswitch__g8332_firmwareRange≤7.7.16.0

AND

ibmsystem_networking_rackswitch__g8332Match-

Node

ibmbladecenter_1g_firmwareRange≤5.3.4.0

AND

ibmbladecenter_1gMatch-

Node

ibmsystem_networking_rackswitch__g8052_firmwareRange≤7.9.1.0

ibmsystem_networking_rackswitch__g8124_firmwareRange≤7.9.1.0

ibmsystem_networking_rackswitch__g8124e_firmwareRange≤7.9.1.0

ibmsystem_networking_rackswitch__g8124er_firmwareRange≤7.9.1.0

ibmsystem_networking_rackswitch__g8264_firmwareRange≤7.9.1.0

ibmsystem_networking_rackswitch__g8264t_firmwareRange≤7.9.1.0

ibmsystem_networking_rackswitch__g8316_firmwareRange≤7.9.1.0

AND

ibmsystem_networking_rackswitch__g8052Match-

ibmsystem_networking_rackswitch__g8124Match-

ibmsystem_networking_rackswitch__g8124eMatch-

ibmsystem_networking_rackswitch__g8124erMatch-

ibmsystem_networking_rackswitch__g8264Match-

ibmsystem_networking_rackswitch__g8264tMatch-

ibmsystem_networking_rackswitch__g8316Match-

Node

ibmbladecenter_1\/10g_firmwareRange≤7.4.7.0

AND

ibmbladecenter_1\/10gMatch-

Node

ibmflex_system_interconnect_fabric_firmwareRange≤7.8.5.0

AND

ibmflex_system_interconnect_fabricMatch-

Node

ibmbladecenter_1g_l2-7_slb_firmwareRange≤21.0.20.0

AND

ibmbladecenter_1g_l2-7_slbMatch-

Node

ibmsystem_networking_rackswitch__g8332_firmwareRange≤7.1.6.0

AND

ibmsystem_networking_rackswitch__g8332Match-

Node

ibmbladecenter_10g_vfsm_firmwareRange≤7.8.6.0

AND

ibmbladecenter_10g_vfsmMatch-

Node

ibmsystem_networking_rackswitch__cn4093_firmwareRange≤7.8.5.0

ibmsystem_networking_rackswitch__en2092_firmwareRange≤7.8.5.0

ibmsystem_networking_rackswitch__en4093_firmwareRange≤7.8.5.0

ibmsystem_networking_rackswitch__en4093r_firmwareRange≤7.8.5.0

ibmsystem_networking_rackswitch__g8264cs_firmwareRange≤7.8.5.0

ibmsystem_networking_rackswitch__si4093_firmwareRange≤7.8.5.0

AND

ibmsystem_networking_rackswitch__cn4093Match-

ibmsystem_networking_rackswitch__en2092Match-

ibmsystem_networking_rackswitch__en4093Match-

ibmsystem_networking_rackswitch__en4093rMatch-

ibmsystem_networking_rackswitch__g8264csMatch-

ibmsystem_networking_rackswitch__si4093Match-

Node

ibmserver_connectivity_module_firmwareRange≤1.1.3.0

AND

ibmserver_connectivity_moduleMatch-

CPENameOperatorVersion
ibm:system_networking_rackswitch_g8332_firmwareibm system networking rackswitch g8332 firmwarele7.7.16.0
ibm:system_networking_rackswitch_g8332ibm system networking rackswitch g8332eq-

CPE	Name	Operator	Version
ibm:system_networking_rackswitch_g8332_firmware	ibm system networking rackswitch g8332 firmware	le	7.7.16.0
ibm:system_networking_rackswitch_g8332	ibm system networking rackswitch g8332	eq	-