Lucene search

IBMA715C08C080B9D4E941903D553A43FEF05174BB2904E233B918C0D4A9510933C

HistoryJul 26, 2018 - 8:25 p.m.

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in dhcp (CVE-2017-3144)

2018-07-2620:25:47

www.ibm.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Summary

IBM BladeCenter Advanced Management Module (AMM) has addressed the following vulnerability in dhcp.

Vulnerability Details

CVEID: CVE-2017-3144 DESCRIPTION: ISC DHCP is vulnerable to a denial of service, caused by the failure to properly clean up closed OMAPI connections. A remote attacker could exploit this vulnerability to consume all available socket descriptors for the target DHCP service.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137696> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Product

Affected Version

—|—

IBM BladeCenter Advanced Management Module (AMM)

BPET

Remediation/Fixes

Firmware fix versions are available on Fix Central: http://www.ibm.com/support/fixcentral/

Product

Fix Version

—|—

IBM BladeCenter Advanced Management Module (AMM)
(ibm_fw_amm_bpet68j-3.68j_anyos_noarch)

bpet68j-3.68j

CPENameOperatorVersion
system x bladeseqany

CPE	Name	Operator	Version
	system x blades	eq	any

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for A715C08C080B9D4E941903D553A43FEF05174BB2904E233B918C0D4A9510933C