Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Nextscale Nx360 M4 Security Vulnerabilities

cve
cve

CVE-2020-8332

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not...

6.4CVSS

6.6AI Score

0.0004EPSS

2020-10-14 10:15 PM
39
cve
cve

CVE-2019-6157

In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for...

7.5CVSS

7.5AI Score

0.002EPSS

2019-04-22 04:29 PM
26
cve
cve

CVE-2018-9068

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for...

7.5CVSS

7.2AI Score

0.002EPSS

2018-07-26 07:29 PM
30
cve
cve

CVE-2014-0882

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID:...

6.5CVSS

5.8AI Score

0.001EPSS

2018-04-25 08:29 PM
17
cve
cve

CVE-2017-3774

A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password...

9.8CVSS

9.5AI Score

0.003EPSS

2018-04-19 02:29 PM
22
cve
cve

CVE-2017-3768

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM)...

7.5CVSS

7.4AI Score

0.001EPSS

2018-01-26 07:29 PM
23
cve
cve

CVE-2017-3744

In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login...

6.5CVSS

6.7AI Score

0.001EPSS

2017-06-20 12:29 AM
17
cve
cve

CVE-2016-8106

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use...

5.9CVSS

5.7AI Score

0.018EPSS

2017-01-09 09:59 PM
24
4