Lucene search
+L

104 matches found

Cvelist
Cvelist
added 2018/04/25 8:0 p.m.24 views

CVE-2014-0882

Integrated Management Module II IMM2 on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data FFDC. IBM X-Force ID: 91149...

5.9AI score0.01233EPSS
Exploits0References3
CVE
CVE
added 2018/04/25 8:0 p.m.43 views

CVE-2014-0882

CVE-2014-0882 affects IBM IMM2 (Integrated Management Module II) across Flex System x220/x222/x240/x440, NeXtScale nx360 M4, System x3100/M4, x3250/M4, x3500/M4, x3530/M4, x3550/M4, x3630/M4, x3650/M4, x3750/M4, and x iDataPlex dx360 M4, where certain configurations may cause generated Service Ad...

6.5CVSS5.8AI score0.01233EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/04/25 8:0 p.m.40 views

CVE-2014-0881

The CVE-2014-0881 vulnerability affects IBM Flex System x222 compute node IMM2 TPM (firmware 1.00–3.56). The issue arises from an incorrectly configured TPM, potentially allowing an attacker to exfiltrate TPM data or cause a denial-of-service. IBM/IBM X-Force notes exploitability; IBM bulletin re...

7.4CVSS7.2AI score0.02064EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/04/19 2:0 p.m.51 views

CVE-2017-3774

CVE-2017-3774 describes a stack overflow in the IMM2 web administration service. The vulnerability affects IMM2 firmware earlier than 4.70 on Lenovo servers and earlier than 6.60 on some IBM servers, where a crafted user ID and password can overflow the authentication routine’s stack, causing sta...

9.8CVSS9.5AI score0.01291EPSS
Exploits0References1Affected Software1
Lenovo
Lenovo
added 2018/04/12 5:17 p.m.563 views

IMM2 Web Service Stack Overflow - NL

Lenovo Security Advisory: LEN-19586 Potential Impact: Stack overflow leading to memory corruption Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2017-3774 Summary Description: A stack overflow vulnerability was discovered within the web administration service in the...

7.5CVSS4.2AI score0.01291EPSS
Exploits0
Lenovo
Lenovo
added 2018/04/12 5:17 p.m.25 views

IMM2 Web Service Stack Overflow - Lenovo Support US

Lenovo Security Advisory: LEN-19586 Potential Impact: Stack overflow leading to memory corruption Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2017-3774 Summary Description: A stack overflow vulnerability was discovered within the web administration service in the...

9.2AI score0.01291EPSS
Exploits0
Prion
Prion
added 2018/01/26 7:29 p.m.20 views

Authentication flaw

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x. Flooding the IMM2 with a high volume of authentication failures via the Common Information Model CIM used ...

7.8CVSS7.4AI score0.01212EPSS
Exploits0References1Affected Software37
NVD
NVD
added 2018/01/26 7:29 p.m.24 views

CVE-2017-3768

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x. Flooding the IMM2 with a high volume of authentication failures via the Common Information Model CIM used ...

7.8CVSS7.5AI score0.01212EPSS
Exploits0References1
CVE
CVE
added 2018/01/26 7:0 p.m.59 views

CVE-2017-3768

CVE-2017-3768 affects IBM IMM2 (System x, Flex, BladeCenter) and Lenovo System x variants. A remote, unprivileged attacker with CIM connectivity can flood IMM2 with authentication failures, exhausting memory and causing the device to reboot. Affected versions are Lenovo System x (pre-4.4) and IBM...

7.8CVSS7.4AI score0.01212EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/26 7:0 p.m.25 views

CVE-2017-3768

An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x. Flooding the IMM2 with a high volume of authentication failures via the Common Information Model CIM used ...

7.5AI score0.01212EPSS
Exploits0References1
Lenovo
Lenovo
added 2018/01/26 12:0 a.m.231 views

IMM2 Denial of Service Attack by an Unprivileged User - NL

Lenovo Security Advisory: LEN-14450 Potential Impact: Denial of Service Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3768 Summary Description: A vulnerability was discovered in the Integrated Management Module 2 IMM2 used in some Lenovo servers where an unprivileged...

7.8CVSS7.2AI score0.01212EPSS
Exploits0
Lenovo
Lenovo
added 2018/01/26 12:0 a.m.28 views

IMM2 Denial of Service Attack by an Unprivileged User - Lenovo Support NL

No description provided...

5.8AI score
Exploits0
Lenovo
Lenovo
added 2017/08/08 12:0 a.m.19 views

Login information processed by the IMM2 may be exposed to local IMM2 users - Lenovo Support US

No description provided...

6.7AI score
Exploits0
Lenovo
Lenovo
added 2017/08/08 12:0 a.m.70 views

Login information processed by the IMM2 may be exposed to local IMM2 users - us

Lenovo Security Advisory: LEN-14054 Potential Impact: Disclosure of login credentials to user with local privileges Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3744 Summary Description: A risk has been identified in the IMM2 firmware of Lenovo System x servers where...

4CVSS6.6AI score0.00842EPSS
Exploits0
NVD
NVD
added 2017/06/20 12:29 a.m.15 views

CVE-2017-3744

In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture FFDC service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information...

6.5CVSS6.8AI score0.00842EPSS
Exploits0References1
CVE
CVE
added 2017/06/20 12:0 a.m.44 views

CVE-2017-3744

CVE-2017-3744 affects Lenovo System x IMM2 firmware. Remote commands issued by LXCA/other utilities may be logged in the FFDC service log, potentially exposing clear-text login information to authorized users who can capture/export FFDC data. Impact is confined to Lenovo System x IMM2, with the v...

6.5CVSS6.7AI score0.00842EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/06/20 12:0 a.m.22 views

CVE-2017-3744

In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture FFDC service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information...

6.8AI score0.00842EPSS
Exploits0References1
Lenovo
Lenovo
added 2017/01/23 12:0 a.m.378 views

Inherent Risks of Using the Intelligent Platform Management Interface (IPMI) on the Lenovo System x Integrated Management Module (IMM), Integrated Management Module II (IMM2) and ThinkServer TSM - us

Lenovo Security Advisory: LEN-10617 Potential Impact: Access to systems through IPMI if default settings are not changed Severity: High Scope of Impact: Industry-Wide CVE Identifiers: CVE-2013-4037, CVE-2013-4031 Summary Description: Various risks with the industry-standard Intelligent Platform...

10CVSS6.1AI score0.02044EPSS
Exploits0
Lenovo
Lenovo
added 2016/06/20 12:0 a.m.14 views

Privilege Escalation and Denial of Service Vulnerabilities in System X IMM2

...

7AI score
Exploits0
NVD
NVD
added 2014/07/07 11:1 a.m.19 views

CVE-2014-0860

The firmware before 3.66E in IBM BladeCenter Advanced Management Module AMM, the firmware before 1.43 in IBM Integrated Management Module IMM, and the firmware before 4.15 in IBM Integrated Management Module II IMM2 contains cleartext IPMI credentials, which allows attackers to execute arbitrary...

5CVSS7.1AI score0.00982EPSS
Exploits0References2
Rows per page
Query Builder