Lucene search
K

374 matches found

NVD
NVD
added 2013/12/14 10:55 p.m.16 views

CVE-2013-5438

Cross-site scripting XSS vulnerability in the web server in IBM Flex System Manager FSM 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01773EPSS
Exploits1References3
Prion
Prion
added 2013/12/14 10:55 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the web server in IBM Flex System Manager FSM 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01773EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2013/12/14 10:0 p.m.23 views

CVE-2013-5438

Cross-site scripting XSS vulnerability in the web server in IBM Flex System Manager FSM 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.5AI score0.01773EPSS
Exploits1References3
CVE
CVE
added 2013/12/14 10:0 p.m.45 views

CVE-2013-5438

IBM Flex System Manager (FSM) web server versions 1.1.0–1.3 are affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary HTML/JavaScript via unsanitized input. The IBM bulletin notes a CVSS base score of 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N) and lists aff...

4.3CVSS5.7AI score0.01773EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2013/10/25 8:55 p.m.19 views

CVE-2013-5424

IBM Flex System Manager FSM 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account...

6.8CVSS7AI score0.01306EPSS
Exploits0References3
Prion
Prion
added 2013/10/25 8:55 p.m.21 views

Design/Logic Flaw

IBM Flex System Manager FSM 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account...

6.8CVSS7.5AI score0.01306EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/10/25 8:0 p.m.45 views

CVE-2013-5424

The IBM Security Bulletin confirms CVE-2013-5424 affects IBM Flex System Manager (FSM) 1.3.0, where an expired password for the system-level USERID lets an attacker bypass access controls and create rogue accounts or execute tasks. Affected product/version: FSM 1.3.0. Root cause: expired system-l...

6.8CVSS7.2AI score0.01306EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/10/25 8:0 p.m.27 views

CVE-2013-5424

IBM Flex System Manager FSM 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account...

7AI score0.01306EPSS
Exploits0References3
Prion
Prion
added 2013/08/09 11:55 p.m.17 views

Default credentials

The Intelligent Platform Management Interface IPMI implementation in Integrated Management Module IMM on IBM BladeCenter, Flex System, System x iDataPlex, and System x3 servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading...

4CVSS6.5AI score0.00791EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/08/09 11:0 p.m.59 views

CVE-2013-4038

The CVE-2013-4038 issue affects IBM IMM/IMM2 IPMI implementations (IBM BladeCenter, Flex System, System x iDataPlex, System x3###). Root cause: passwords for user accounts are stored in clear text in the IMM filesystem, enabling an attacker with access to the IMM OS to view credentials and potent...

4CVSS6.2AI score0.00791EPSS
Exploits0References2Affected Software30
NVD
NVD
added 2012/12/08 3:55 p.m.12 views

CVE-2012-4838

IBM Flex System Chassis Management Module CMM and Integrated Management Module 2 IMM2 allow local users to obtain sensitive information about 1 local accounts, 2 SSH private keys, 3 SSL/TLS private keys, 4 SNMPv3 communities, and 5 LDAP credentials by leveraging unspecified side effects of servic...

1.9CVSS5.8AI score0.00352EPSS
Exploits0References3
Prion
Prion
added 2012/12/08 3:55 p.m.15 views

Code injection

IBM Flex System Chassis Management Module CMM and Integrated Management Module 2 IMM2 allow local users to obtain sensitive information about 1 local accounts, 2 SSH private keys, 3 SSL/TLS private keys, 4 SNMPv3 communities, and 5 LDAP credentials by leveraging unspecified side effects of servic...

1.9CVSS6.4AI score0.00352EPSS
Exploits0References3
CVE
CVE
added 2012/12/08 3:0 p.m.44 views

CVE-2012-4838

IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) are affected by CVE-2012-4838. Public descriptions indicate local users can obtain sensitive information (local accounts, SSH private keys, SSL/TLS private keys, SNMPv3 communities, and LDAP credentials) via...

1.9CVSS6AI score0.00352EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2012/12/08 3:0 p.m.16 views

CVE-2012-4838

IBM Flex System Chassis Management Module CMM and Integrated Management Module 2 IMM2 allow local users to obtain sensitive information about 1 local accounts, 2 SSH private keys, 3 SSL/TLS private keys, 4 SNMPv3 communities, and 5 LDAP credentials by leveraging unspecified side effects of servic...

5.8AI score0.00352EPSS
Exploits0References3
Rows per page
Query Builder