Lucene search

[email protected]NVD:CVE-2014-4750

HistoryAug 20, 2014 - 11:17 a.m.

CVE-2014-4750

2014-08-2011:17:14

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.2%

JSON

IBM PowerVC Express Edition 1.2.0 before FixPack3 establishes an FTP session for transferring files to a managed IVM, which allows remote attackers to discover credentials by sniffing the network.

Affected configurations

Nvd

Node

ibmpowervcMatch1.2.0.0express

ibmpowervcMatch1.2.0.1express

ibmpowervcMatch1.2.0.2express

VendorProductVersionCPE
ibmpowervc1.2.0.0cpe:2.3:a:ibm:powervc:1.2.0.0:*:*:*:express:*:*:*
ibmpowervc1.2.0.1cpe:2.3:a:ibm:powervc:1.2.0.1:*:*:*:express:*:*:*
ibmpowervc1.2.0.2cpe:2.3:a:ibm:powervc:1.2.0.2:*:*:*:express:*:*:*

Vendor	Product	Version	CPE
ibm	powervc	1.2.0.0	cpe:2.3:a:ibm:powervc:1.2.0.0::::express:::
ibm	powervc	1.2.0.1	cpe:2.3:a:ibm:powervc:1.2.0.1::::express:::
ibm	powervc	1.2.0.2	cpe:2.3:a:ibm:powervc:1.2.0.2::::express:::

References

www-01.ibm.com/support/docview.wss?uid=nas8N1020223

www.securityfocus.com/bid/69299

exchange.xforce.ibmcloud.com/vulnerabilities/94352

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.2%

JSON

Related for NVD:CVE-2014-4750

cvelist1 prion1 cve1