CVE-2019-6159

A stored cross-site scripting XSS vulnerability exists in various firmware versions of the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC. This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM log which may then be...

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in various firmware versions of the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC. This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM log which may then be...

CVE-2019-6159

CVE-2019-6159 affects legacy IBM System x IMM (IMM v1) BMCs where a stored cross-site scripting (XSS) flaw allows an unauthenticated user to store JavaScript in IMM logs, which then executes in a browser when logs are viewed. The vulnerability does not execute on the IMM itself, and IMM v2 is not...

CVE-2019-6159

A stored cross-site scripting XSS vulnerability exists in various firmware versions of the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC. This vulnerability could allow an unauthenticated user to cause JavaScript code to be stored in the IMM log which may then be...

PT-2019-17992 · Ibm · Ibm System X Imm

Name of the Vulnerable Software and Affected Versions: IBM System x IMM IMM v1 versions affected versions not specified Description: A stored cross-site scripting XSS issue exists in the legacy IBM System x IMM IMM v1 embedded Baseboard Management Controller BMC, allowing an unauthenticated user ...

Stored XSS Vulnerability in legacy IBM System x IMM - Lenovo Support US

No description provided...

Security Bulletin: Vulnerability in RC4 stream cipher affects System x Integrated Management Module (IMM) (CVE-2015-2808)

Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects System x IMM. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects System x IMM. Vulnerability Details CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow...

Security Bulletin: Vulnerabilities in OpenSSL affect multiple products shipped with Intelligent Cluster. (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)

Summary Information about security vulnerabilities affecting multiple products shipped as components of Intelligent Cluster has been published in security bulletins. Vulnerability Details Abstract Information about security vulnerabilities affecting multiple products shipped as components of...

Security Bulletin: IBM System x Integrated Management Module (IMM) Lighttpd W (CVE-2011-4362, CVE-2010-0295, CVE-2008-4360, CVE-2008-4359, CVE-20084298, CVE-2008-1531)

Summary Older versions of lighttpd, used by System x IMM contain multiple vulnerabilities. Vulnerability Details Abstract Older versions of lighttpd, used by System x IMM contain multiple vulnerabilities. Content Vulnerability Details: CVE ID: CVE-2011-4362 Description: Integer signedness error i...