Lucene search
+L

26 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-9074

Malware in sbrugna...

6.8CVSS5.1AI score0.00921EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-20671

Malware in sbrugna...

7.5CVSS7.8AI score0.01053EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-12861

Malware in sbrugna...

6.5CVSS6.6AI score0.00842EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-12885

Malware in sbrugna...

7.8CVSS7.6AI score0.01212EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-12892

Malware in sbrugna...

6.9CVSS6.5AI score0.00271EPSS
Exploits0References2
ibm
ibm
added 2023/12/07 10:45 p.m.26 views

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by information disclosure vulnerability (CVE-2019-6157)

Summary IBM Integrated Management Module II IMM2 has addressed the following information disclosure vulnerability. Vulnerability Details CVEID: CVE-2019-6157 DESCRIPTION: Lenovo System x could allow a local attacker to obtain sensitive information, caused by an issue with including private key...

7.5CVSS1AI score0.01346EPSS
Exploits0Affected Software3
osv
osv
added 2019/04/22 4:29 p.m.6 views

CVE-2019-6157

In various firmware versions of Lenovo System x, the integrated management module II IMM2's first failure data capture FFDC includes the web server's private key in the generated log file for support...

7.5CVSS5.8AI score0.01346EPSS
Exploits0References1
cvelist
cvelist
added 2019/04/22 3:21 p.m.31 views

CVE-2019-6157

In various firmware versions of Lenovo System x, the integrated management module II IMM2's first failure data capture FFDC includes the web server's private key in the generated log file for support...

6.5CVSS7.6AI score0.01346EPSS
Exploits0References1
attackerkb
attackerkb
added 2018/11/16 2:29 p.m.4 views

Missing System x Flash Memory Write Protection Lock Bit

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...

4.9CVSS5.5AI score0.00664EPSS
Exploits0References2
nvd
nvd
added 2018/07/26 7:29 p.m.18 views

CVE-2018-9068

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Leno...

7.5CVSS7.2AI score0.01053EPSS
Exploits0References1
cve
cve
added 2018/07/26 7:0 p.m.60 views

CVE-2018-9068

The CVE-2018-9068 issue affects IBM/Lenovo Integrated Management Module II (IMM2) FFDC data disclosure. In affected IMM2 firmware (Lenovo System x prior to 4.90 and IBM System x prior to 6.80), the SFTP server used for FFDC data access used hard-coded credentials described in the IMM2 documentati...

7.5CVSS7.2AI score0.01053EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/07/26 7:0 p.m.30 views

CVE-2018-9068

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Leno...

7.2AI score0.01053EPSS
Exploits0References1
osv
osv
added 2018/05/04 5:29 p.m.8 views

CVE-2017-3775

Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code...

6.4CVSS5.8AI score0.00271EPSS
Exploits0References1
nvd
nvd
added 2018/05/04 5:29 p.m.19 views

CVE-2017-3775

Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code...

6.9CVSS6.2AI score0.00271EPSS
Exploits0References1
cnvd
cnvd
added 2018/01/30 12:0 a.m.7 views

Lenovo System x-Series and IBM System x-Series Denial of Service Vulnerabilities

Lenovo System x is a server from Lenovo in China.IBM System x is a server from IBM in the United States. A security vulnerability exists in the Lenovo System x series prior to version 4.4 and the IBM System x series prior to version 6.4. An attacker could exploit this vulnerability to cause a...

7.8CVSS6.7AI score0.01212EPSS
Exploits0References1
prion
prion
added 2018/01/26 7:29 p.m.20 views

Authentication flaw

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x. Flooding the IMM2 with a high volume of authentication failures via the Common Information Model CIM used ...

7.8CVSS7.4AI score0.01212EPSS
Exploits0References1Affected Software37
osv
osv
added 2018/01/26 7:29 p.m.8 views

CVE-2017-3768

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x. Flooding the IMM2 with a high volume of authentication failures via the Common Information Model CIM used ...

7.5CVSS5.8AI score0.01212EPSS
Exploits0References1
cve
cve
added 2018/01/26 7:0 p.m.59 views

CVE-2017-3768

CVE-2017-3768 affects IBM IMM2 (System x, Flex, BladeCenter) and Lenovo System x variants. A remote, unprivileged attacker with CIM connectivity can flood IMM2 with authentication failures, exhausting memory and causing the device to reboot. Affected versions are Lenovo System x (pre-4.4) and IBM...

7.8CVSS7.4AI score0.01212EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2017/07/05 12:0 a.m.4 views

Lenovo System x IMM2 Firmware Certificate Acquisition Vulnerability

Lenovo System x IMM2 is the firmware used in Lenovo servers in which it provides remote monitoring and control of the server. The Lenovo System x IMM2 has a security vulnerability that can be exploited by an attacker to obtain login credentials...

6.5CVSS7AI score0.00842EPSS
Exploits0References1
nvd
nvd
added 2017/06/20 12:29 a.m.15 views

CVE-2017-3744

In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture FFDC service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information...

6.5CVSS6.8AI score0.00842EPSS
Exploits0References1
Rows per page
Query Builder