← Back

CVE-2014-0882

nvd nist
Published: Apr 25, 2018Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.

Affected (5)

Ibm
1 product
Integrated Management Module Firmware
Configuration A
5 vulnerable · 15 platform
Vulnerable SoftwareAffected Versions
Ibm
Integrated Management Module Firmware
Version 3.50
Integrated Management Module Firmware
Version 3.55
Integrated Management Module Firmware
Version 3.56
Integrated Management Module Firmware
Version 3.65
Integrated Management Module Firmware
Version 3.67
Running on/withPlatform Versions
Ibm
Flex System Manager 7955
All versions
Ibm
Flex System Manager 8731
All versions
Ibm
Flex System X220
All versions
Ibm
Flex System X240
All versions
Ibm
Flex System X440
All versions
Ibm
Nextscale Nx360 M4
All versions
Ibm
System X3100 M4
All versions
Ibm
System X3250 M4
All versions
Ibm
System X3500 M4
All versions
Ibm
System X3530 M4
All versions
Ibm
System X3550 M4
All versions
Ibm
System X3630 M4
All versions
Ibm
System X3650 M4
All versions
Ibm
System X3750 M4
All versions
Ibm
System X Idataplex Dx360 M4
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

Source: psirt@us.ibm.com
Third Party Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.