Security Bulletin: Three potential vulnerabilities in IBM GCM16/GCM32 Global Console Managers (CVE-2014-3085, CVE-2014-3081, CVE-2014-3080)

Summary Three potential vulnerabilities have been discovered in IBM GCM16/GCM32 Global Console Manager KVM Switches Vulnerability Details Abstract Three potential vulnerabilities have been discovered in IBM GCM16/GCM32 Global Console Manager KVM Switches Content Vulnerability Details: CVE ID:...

CVE-2014-3085

Affected product : IBM Global Console Manager switches (GCM16 and GCM32). Version impact : firmware versions prior to 1.20.20.23447 are affected. Vulnerability : CVE-2014-3085 — Improper handling in systest.php allows a remote authenticated attacker to execute arbitrary commands via shell metacha...

IBM GCM16 / GCM32 Global Console Manager KVM Switch Firmware Version < 1.20.20.23447 Multiple Vulnerabilities

According to its self-reported version, the remote host is an IBM Global Console Manager KVM switch with a firmware version prior to 1.20.20.23447. It is, therefore, affected by the following vulnerabilities : - A reflected cross-site scripting attack via 'kvm.cgi' or 'avctalert.php'. CVE-2014-30...

CVE-2014-3085

creationtimestamp| type| source ---|---|--- 2014-07-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34132...