5
CVE-2014-0860
- EPSS 0.24%
- Veröffentlicht 07.07.2014 11:01:28
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Integrated Management Module Firmware Version <= 1.36
Ibm ≫ Integrated Management Module Version-
Ibm ≫ Advanced Management Module Firmware Version <= 3.65
Ibm ≫ Advanced Management Module Version-
Ibm ≫ Integrated Management Module Ii Firmware Version <= 3.65
Ibm ≫ Integrated Management Module Ii Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.436 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|