Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLenovoCVELIST:CVE-2017-3768
HistoryJan 25, 2018 - 12:00 a.m.

CVE-2017-3768

2018-01-2500:00:00
lenovo
www.cve.org

0.001 Low

EPSS

Percentile

41.4%

JSON

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease.

CNA Affected

[
  {
    "product": "Integrated Management Module 2 (IMM2)",
    "vendor": "Lenovo Group Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "Earlier than 4.4 for Lenovo System x"
      },
      {
        "status": "affected",
        "version": "Earlier than 6.4 for IBM System x"
      }
    ]
  }
]

Related

lenovo 2
cve 1
ibm 1
prion 1
nvd 1
lenovo
lenovo
IMM2 Denial of Service Attack by an Unprivileged User - Lenovo Support US
2018-01-26 00:00:00
IMM2 Denial of Service Attack by an Unprivileged User - NL
2018-01-26 00:00:00
cve
cve
CVE-2017-3768
2018-01-26 19:29:00
ibm
ibm
Security Bulletin: Denial of Service attack affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems (CVE-2017-3768)
2023-04-14 14:32:25
prion
prion
Authentication flaw
2018-01-26 19:29:00
nvd
nvd
CVE-2017-3768
2018-01-26 19:29:00

0.001 Low

EPSS

Percentile

41.4%

JSON
Related for CVELIST:CVE-2017-3768
lenovo2cve1ibm1prion1nvd1