← Back

CVE-2013-4038

nvd nist
Published: Aug 9, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.

Affected (34)

Ibm
30 products
Bladecenter
Flex System X220 Compute Node
Flex System X240 Compute Node
Flex System X440 Compute Node
System X3100 M4
System X3200 M3
System X3250 M3
System X3250 M4
System X3400 M2
System X3400 M3
System X3500 M2
System X3500 M3
System X3500 M4
System X3530 M4
System X3550 M2
System X3550 M3
System X3550 M4
System X3620 M3
System X3630 M3
System X3630 M4
System X3650 M2
System X3650 M3
System X3650 M4
System X3690 X5
System X3750 M4
System X3850 X5
System X3950 X5
System X Idataplex Dx360 M2 Server
System X Idataplex Dx360 M3 Server
System X Idataplex Dx360 M4 Server
Configuration A
34 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Bladecenter
Version hs22
Bladecenter
Version hs22v
Bladecenter
Version hs23
Bladecenter
Version hs23e
Bladecenter
Version hx5
Flex System X220 Compute Node
All versions
Flex System X240 Compute Node
All versions
Flex System X440 Compute Node
All versions
System X3100 M4
All versions
System X3200 M3
All versions
System X3250 M3
All versions
System X3250 M4
All versions
System X3400 M2
All versions
System X3400 M3
All versions
System X3500 M2
All versions
System X3500 M3
All versions
System X3500 M4
All versions
System X3530 M4
All versions
System X3550 M2
All versions
System X3550 M3
All versions
System X3550 M4
All versions
System X3620 M3
All versions
System X3630 M3
All versions
System X3630 M4
All versions
System X3650 M2
All versions
System X3650 M3
All versions
System X3650 M4
All versions
System X3690 X5
All versions
System X3750 M4
All versions
System X3850 X5
All versions
System X3950 X5
All versions
System X Idataplex Dx360 M2 Server
All versions
System X Idataplex Dx360 M3 Server
All versions
System X Idataplex Dx360 M4 Server
All versions

Related CWEs

CWE-310
CWE-310

References (4)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.