4 matches found
CVE-2013-4038
The CVE-2013-4038 issue affects IBM IMM/IMM2 IPMI implementations (IBM BladeCenter, Flex System, System x iDataPlex, System x3###). Root cause: passwords for user accounts are stored in clear text in the IMM filesystem, enabling an attacker with access to the IMM OS to view credentials and potent...
CVE-2013-4037
The CVE-2013-4037 issue concerns the RAKP-based authentication in IPMI on IBM/Lenovo IMM and IMM2 (various BladeCenter, Flex System, System x IMM/IMM2 platforms). The RAKP flow transmits a password hash to the client, enabling offline brute‑force/dictionary attacks to recover credentials. IBM’s a...
CVE-2013-4030
CVE-2013-4030 affects IBM IMM2 (and related IMM1/FSM) across several IBM System x and Flex System products. The vulnerability arises from SSL/TLS cipher suites using symmetric keys shorter than 128 bits, making brute-force attacks more feasible on SSL/TLS traffic. Affected IMM2 versions include 1...
CVE-2013-4031
The CVE-2013-4031 issue affects IBM/Lenovo IMM/IMM2 IPMI implementations where a single preconfigured IPMI user account uses default credentials across affected systems (IBM BladeCenter, Flex System, System x iDataPlex, System x3###; Lenovo IMM/IMM2/TSM). The root cause is the presence of a defau...