6.5

CVE-2014-0882

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.

Data is provided by the National Vulnerability Database (NVD)
IbmIntegrated Management Module Firmware Version3.50
   IbmFlex System Manager 7955 Version-
   IbmFlex System Manager 8731 Version-
   IbmFlex System X220 Version-
   IbmFlex System X240 Version-
   IbmFlex System X440 Version-
   IbmNextscale Nx360 M4 Version-
   IbmSystem X Idataplex Dx360 M4 Version-
   IbmSystem X3100 M4 Version-
   IbmSystem X3250 M4 Version-
   IbmSystem X3500 M4 Version-
   IbmSystem X3530 M4 Version-
   IbmSystem X3550 M4 Version-
   IbmSystem X3630 M4 Version-
   IbmSystem X3650 M4 Version-
   IbmSystem X3750 M4 Version-
IbmIntegrated Management Module Firmware Version3.55
   IbmFlex System Manager 7955 Version-
   IbmFlex System Manager 8731 Version-
   IbmFlex System X220 Version-
   IbmFlex System X240 Version-
   IbmFlex System X440 Version-
   IbmNextscale Nx360 M4 Version-
   IbmSystem X Idataplex Dx360 M4 Version-
   IbmSystem X3100 M4 Version-
   IbmSystem X3250 M4 Version-
   IbmSystem X3500 M4 Version-
   IbmSystem X3530 M4 Version-
   IbmSystem X3550 M4 Version-
   IbmSystem X3630 M4 Version-
   IbmSystem X3650 M4 Version-
   IbmSystem X3750 M4 Version-
IbmIntegrated Management Module Firmware Version3.56
   IbmFlex System Manager 7955 Version-
   IbmFlex System Manager 8731 Version-
   IbmFlex System X220 Version-
   IbmFlex System X240 Version-
   IbmFlex System X440 Version-
   IbmNextscale Nx360 M4 Version-
   IbmSystem X Idataplex Dx360 M4 Version-
   IbmSystem X3100 M4 Version-
   IbmSystem X3250 M4 Version-
   IbmSystem X3500 M4 Version-
   IbmSystem X3530 M4 Version-
   IbmSystem X3550 M4 Version-
   IbmSystem X3630 M4 Version-
   IbmSystem X3650 M4 Version-
   IbmSystem X3750 M4 Version-
IbmIntegrated Management Module Firmware Version3.65
   IbmFlex System Manager 7955 Version-
   IbmFlex System Manager 8731 Version-
   IbmFlex System X220 Version-
   IbmFlex System X240 Version-
   IbmFlex System X440 Version-
   IbmNextscale Nx360 M4 Version-
   IbmSystem X Idataplex Dx360 M4 Version-
   IbmSystem X3100 M4 Version-
   IbmSystem X3250 M4 Version-
   IbmSystem X3500 M4 Version-
   IbmSystem X3530 M4 Version-
   IbmSystem X3550 M4 Version-
   IbmSystem X3630 M4 Version-
   IbmSystem X3650 M4 Version-
   IbmSystem X3750 M4 Version-
IbmIntegrated Management Module Firmware Version3.67
   IbmFlex System Manager 7955 Version-
   IbmFlex System Manager 8731 Version-
   IbmFlex System X220 Version-
   IbmFlex System X240 Version-
   IbmFlex System X440 Version-
   IbmNextscale Nx360 M4 Version-
   IbmSystem X Idataplex Dx360 M4 Version-
   IbmSystem X3100 M4 Version-
   IbmSystem X3250 M4 Version-
   IbmSystem X3500 M4 Version-
   IbmSystem X3530 M4 Version-
   IbmSystem X3550 M4 Version-
   IbmSystem X3630 M4 Version-
   IbmSystem X3650 M4 Version-
   IbmSystem X3750 M4 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.24% 0.445
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.