5
CVE-2014-0860
- EPSS 0.24%
- Published 07.07.2014 11:01:28
- Last modified 12.04.2025 10:46:40
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Integrated Management Module Firmware Version <= 1.36
Ibm ≫ Integrated Management Module Version-
Ibm ≫ Advanced Management Module Firmware Version <= 3.65
Ibm ≫ Advanced Management Module Version-
Ibm ≫ Integrated Management Module Ii Firmware Version <= 3.65
Ibm ≫ Integrated Management Module Ii Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.436 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|