Lucene search
K
IbmFlex System Manager

5 matches found

CVE
CVE
added 2013/10/25 8:0 p.m.46 views

CVE-2013-5424

The IBM Security Bulletin confirms CVE-2013-5424 affects IBM Flex System Manager (FSM) 1.3.0, where an expired password for the system-level USERID lets an attacker bypass access controls and create rogue accounts or execute tasks. Affected product/version: FSM 1.3.0. Root cause: expired system-l...

6.8CVSS7.2AI score0.01306EPSS
CVE
CVE
added 2013/12/14 10:0 p.m.45 views

CVE-2013-5438

IBM Flex System Manager (FSM) web server versions 1.1.0–1.3 are affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary HTML/JavaScript via unsanitized input. The IBM bulletin notes a CVSS base score of 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N) and lists aff...

4.3CVSS5.7AI score0.01773EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.45 views

CVE-2014-0897

The CVE-2014-0897 entry concerns IBM Flex System Manager (FSM) and its Configuration Patterns component. The issue is that FSM versions 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x use a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation. This weak cryptographi...

3.5CVSS6.1AI score0.00591EPSS
CVE
CVE
added 2014/07/07 10:0 a.m.44 views

CVE-2013-5423

Summary: CVE-2013-5423 affects IBM Flex System Manager (FSM) and IBM Systems Director in related advisories. The vulnerability allows an unauthenticated or unauthorized attacker to enumerate the list of user accounts in FSM/ISD, which could facilitate brute-force or unauthorized access attempts. ...

5CVSS7.3AI score0.01369EPSS
CVE
CVE
added 2015/02/19 2:0 a.m.38 views

CVE-2014-6147

CVE-2014-6147 affects IBM Flex System Manager (FSM) versions 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.x, 1.3.1.x, and 1.3.2.0. An authenticated user can obtain sensitive data and use it to escalate privileges or impersonate other users via unspecified vectors. IBM’s advisory notes remediation via code up...

2.1CVSS6.3AI score0.00375EPSS