Search criteria
12 vulnerabilities found for advanced_management_module_firmware by ibm
FKIE_CVE-2016-8232
Vulnerability from fkie_nvd - Published: 2017-03-01 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@lenovo.com | http://www.securityfocus.com/bid/95839 | Third Party Advisory, VDB Entry | |
| psirt@lenovo.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/121443 | Third Party Advisory | |
| psirt@lenovo.com | https://support.lenovo.com/us/en/product_security/LEN-5700 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95839 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/121443 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/LEN-5700 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | advanced_management_module_firmware | - | |
| ibm | advanced_management_module | - | |
| ibm | bladecenter | hs22 | |
| ibm | bladecenter | hs22v | |
| ibm | bladecenter | hs23 | |
| ibm | bladecenter | hs23e | |
| ibm | bladecenter | hx5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "734EBD6A-8615-4B4A-A1A9-EB603B1276E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "357307A8-421E-4433-A985-505565B0830A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*",
"matchCriteriaId": "1052332C-2892-4E69-8180-305039D6AF20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*",
"matchCriteriaId": "1245D63B-4A91-4934-8DD8-49B4A10F33A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*",
"matchCriteriaId": "A633BBA0-4330-41DE-AAAE-D568D9E7442D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*",
"matchCriteriaId": "8644F48F-5032-48CB-B921-0CCC8E233347",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*",
"matchCriteriaId": "929B68CB-91CD-40EB-87A0-BD66E25922E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM\u0027s IP address to send a crafted URL that could inject a malicious script to access a user\u0027s AMM data such as cookies or other session information."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS basada en Document Object Model-(DOM) en Advanced Management Module (AMM) versiones anteriores a 66Z de Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 permite a un atacante no autenticado con acceso a la direcci\u00f3n IP de AMM mandar una URL manipulada que podr\u00eda inyectar un scrip malicioso para acceder a los datos AMM de un usuario como cookies u otra informaci\u00f3n de la sesi\u00f3n."
}
],
"id": "CVE-2016-8232",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-01T21:59:00.243",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95839"
},
{
"source": "psirt@lenovo.com",
"tags": [
"Third Party Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-0860
Vulnerability from fkie_nvd - Published: 2014-07-07 11:01 - Updated: 2025-04-12 10:46
Severity ?
Summary
The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEE77E6-DC53-4710-9584-FD2CEACB46BE",
"versionEndIncluding": "1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:integrated_management_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA49FD93-328A-4E60-8BD1-817936DE2E82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E920A51B-0382-4474-870C-C6AD285FA6DF",
"versionEndIncluding": "3.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "357307A8-421E-4433-A985-505565B0830A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:integrated_management_module_ii_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D348D34E-1379-4CBA-A21C-3E13DA279A5F",
"versionEndIncluding": "3.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:integrated_management_module_ii:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE67F95-2ECE-4BF5-8E4B-2D6390160FCE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface."
},
{
"lang": "es",
"value": "El firmware anterior a 3.66E en IBM BladeCenter Advanced Management Module (AMM), el firmware anterior a 1.43 en IBM Integrated Management Module (IMM), y el firmware anterior a 4.15 en IBM Integrated Management Module II (IMM2) contiene los credenciales IPMI en texto claro, lo que permite a atacantes remotos ejecutar comandos IPMI arbitrarios, y como consecuencia establecer una sesi\u00f3n de control remoto blade, mediante el aprovechamiento del acceso a (1) el chassis internal network o (2) la interfaz \u0027Ethernet-over-USB\u0027."
}
],
"id": "CVE-2014-0860",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-07T11:01:28.680",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-6718
Vulnerability from fkie_nvd - Published: 2013-12-01 04:31 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bbet64b:*:*:*:*:*:*",
"matchCriteriaId": "6B9ADAF5-AF4E-4D93-A789-6B033C90022C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bbet64c:*:*:*:*:*:*",
"matchCriteriaId": "B894BA62-335F-4269-8C82-74762282B02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bbet64g:*:*:*:*:*:*",
"matchCriteriaId": "4B394200-3A01-4F0A-BE36-CAE7566FE50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bpeo64b:*:*:*:*:*:*",
"matchCriteriaId": "07E9F9DB-A8EF-48A1-9718-7A5E53529B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bpeo64c:*:*:*:*:*:*",
"matchCriteriaId": "6CE83495-4D09-4F01-A207-B9BDC9877E62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bpeo64g:*:*:*:*:*:*",
"matchCriteriaId": "2A101BE4-64D3-4E16-84E5-38A59C9890AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bpet64b:*:*:*:*:*:*",
"matchCriteriaId": "319BC24F-C66C-4E34-B020-37AC7E39C433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bpet64c:*:*:*:*:*:*",
"matchCriteriaId": "97CA149A-68FC-4723-810A-97236AFD6B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:advanced_management_module_firmware:3.64:bpet64g:*:*:*:*:*:*",
"matchCriteriaId": "41535039-EDE0-4957-8762-50B46C36884B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface."
},
{
"lang": "es",
"value": "Advanced Management Module (AMM) con firmware 3.64B, 3.64C, y 3.64G para sistemas IBM BladeCenter permite a atacantes remotos descubrir nombres de cuentas y contrase\u00f1as a trav\u00e9s del uso de una interfaz no especificada."
}
],
"id": "CVE-2013-6718",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-01T04:31:49.707",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://osvdb.org/100397"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/55921"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/64032"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/100397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55921"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-3935
Vulnerability from fkie_nvd - Published: 2009-11-12 17:54 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB95BF0-DE99-426C-BAAC-F11D26F1E604",
"versionEndIncluding": "2.50c",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CAC775-3003-46B5-8F71-E6714B407B76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8C118D-55F0-4B9F-BE7D-BCF5785B91B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "39692441-13DC-4FA9-BC0E-956B2CFABA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.20f:*:*:*:*:*:*:*",
"matchCriteriaId": "92560A6E-7DB6-4386-82E4-3065F7CCA3C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9E89E2-6A0E-45CF-82DC-E142545B7706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.25e:*:*:*:*:*:*:*",
"matchCriteriaId": "53A33EAB-75DF-4724-B63D-8F7206CA0474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.25i:*:*:*:*:*:*:*",
"matchCriteriaId": "B912239E-ABA7-4D96-80D2-D93C718404D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.26b:*:*:*:*:*:*:*",
"matchCriteriaId": "5A16A762-F911-4D58-8D93-921FEF1674DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.26e:*:*:*:*:*:*:*",
"matchCriteriaId": "D03C0AAF-9D47-4524-87B7-186CCAC33707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.26h:*:*:*:*:*:*:*",
"matchCriteriaId": "BA61D831-ABCC-4622-80D9-53637AAA458F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.26i:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F0B05F-EE07-4261-8E09-A11081E1D9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.26k:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B83853-5EDB-4AD7-BAAF-252C71B7BD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.28g:*:*:*:*:*:*:*",
"matchCriteriaId": "1B3F5569-B25E-43DA-970D-AA9D9CC2979F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.32d:*:*:*:*:*:*:*",
"matchCriteriaId": "16D3776F-5B97-477F-B397-9161A64771B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.34b:*:*:*:*:*:*:*",
"matchCriteriaId": "1356422D-E695-49F2-BFA4-275A9EC857CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.34e:*:*:*:*:*:*:*",
"matchCriteriaId": "0F956A08-A3D4-42C6-BDDC-F6A417FD5FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.36d:*:*:*:*:*:*:*",
"matchCriteriaId": "E33E5CBA-B044-41D0-AAA8-0E3402D35D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.36g:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB8B620-EF87-4818-9D43-5311AF55D2BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.36h:*:*:*:*:*:*:*",
"matchCriteriaId": "294822FC-3118-4D17-B178-F8A023D31F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.36k:*:*:*:*:*:*:*",
"matchCriteriaId": "3326A7E5-2852-40D0-B9EA-34C63EE113FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.42d:*:*:*:*:*:*:*",
"matchCriteriaId": "22928A60-F0B6-4FCC-A0C2-C60E81FAADD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.42f:*:*:*:*:*:*:*",
"matchCriteriaId": "8245059E-DEFD-4421-B166-851A97A5E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.42i:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC04209-8AA5-4353-AC42-7ACBFBCDAC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.42n:*:*:*:*:*:*:*",
"matchCriteriaId": "280DA292-AA2E-41B6-8B48-3436DE3B47D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.42o:*:*:*:*:*:*:*",
"matchCriteriaId": "49235342-7700-4AEA-B41A-4E2F35456245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:1.42t:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6FF2D0-8014-4E3F-840C-721B38357F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.46c:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BAAFFB-8223-448E-BA4F-A27B9E867936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.46j:*:*:*:*:*:*:*",
"matchCriteriaId": "3B8695FC-2C14-41DB-954F-C0CD99C69F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.48c:*:*:*:*:*:*:*",
"matchCriteriaId": "A10F5132-9F28-4ACA-A712-AFE6EF37BA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.48d:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A70C2C-3691-457D-9663-29DC41E15059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.48g:*:*:*:*:*:*:*",
"matchCriteriaId": "1E934753-B5DB-4FD2-8145-F3C48B4D8E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.48l:*:*:*:*:*:*:*",
"matchCriteriaId": "D14E87B9-E5CE-4D32-85B3-F525D78AC9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module_firmware:2.48n:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E2B205-B61A-473C-9E41-5E65B9B99E66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter:t:*:8720:*:*:*:*:*",
"matchCriteriaId": "A7C6F823-C727-45DA-A623-3F95C92CFE76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:bladecenter:t:*:8730:*:*:*:*:*",
"matchCriteriaId": "9B853206-C826-4215-9A56-8CAF9D018603",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el firmware de Advanced Management Module, en versiones anteriores a la 2.50G, para el IBM BladeCenter T 8720-2xx y 8730-2xx tienen un impacto y unos vectores de ataque desconocidos."
}
],
"id": "CVE-2009-3935",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-12T17:54:58.610",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36970"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-8232 (GCVE-0-2016-8232)
Vulnerability from cvelistv5 – Published: 2017-03-01 21:00 – Updated: 2024-08-06 02:13
VLAI?
Summary
Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.
Severity ?
No CVSS data available.
CWE
- DOM-Based XSS
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z |
Affected:
Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"name": "lenovo-cve20168232-xss(121443)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"name": "95839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95839"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z"
}
]
}
],
"datePublic": "2017-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM\u0027s IP address to send a crafted URL that could inject a malicious script to access a user\u0027s AMM data such as cookies or other session information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DOM-Based XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-03T20:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"name": "lenovo-cve20168232-xss(121443)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"name": "95839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95839"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2016-8232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z",
"version": {
"version_data": [
{
"version_value": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM\u0027s IP address to send a crafted URL that could inject a malicious script to access a user\u0027s AMM data such as cookies or other session information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DOM-Based XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-5700",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"name": "lenovo-cve20168232-xss(121443)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"name": "95839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95839"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2016-8232",
"datePublished": "2017-03-01T21:00:00",
"dateReserved": "2016-09-16T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0860 (GCVE-0-2014-0860)
Vulnerability from cvelistv5 – Published: 2014-07-07 10:00 – Updated: 2024-08-06 09:27
VLAI?
Summary
The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:20.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-bladecenter-cve20140860-info-disc(90880)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-bladecenter-cve20140860-info-disc(90880)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-bladecenter-cve20140860-info-disc(90880)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0860",
"datePublished": "2014-07-07T10:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:27:20.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6718 (GCVE-0-2013-6718)
Vulnerability from cvelistv5 – Published: 2013-12-01 02:00 – Updated: 2024-08-06 17:46
VLAI?
Summary
The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"name": "55921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55921"
},
{
"name": "bladecenter-amm-cve20136718-expose-cred(89174)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"name": "100397",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/100397"
},
{
"name": "64032",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"name": "55921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55921"
},
{
"name": "bladecenter-amm-cve20136718-expose-cred(89174)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"name": "100397",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/100397"
},
{
"name": "64032",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-6718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"name": "55921",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55921"
},
{
"name": "bladecenter-amm-cve20136718-expose-cred(89174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"name": "100397",
"refsource": "OSVDB",
"url": "http://osvdb.org/100397"
},
{
"name": "64032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-6718",
"datePublished": "2013-12-01T02:00:00",
"dateReserved": "2013-11-08T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3935 (GCVE-0-2009-3935)
Vulnerability from cvelistv5 – Published: 2009-11-12 16:00 – Updated: 2024-09-16 19:55
VLAI?
Summary
Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36970",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-12T16:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36970",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36970",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"name": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg",
"refsource": "CONFIRM",
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3935",
"datePublished": "2009-11-12T16:00:00Z",
"dateReserved": "2009-11-12T00:00:00Z",
"dateUpdated": "2024-09-16T19:55:50.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8232 (GCVE-0-2016-8232)
Vulnerability from nvd – Published: 2017-03-01 21:00 – Updated: 2024-08-06 02:13
VLAI?
Summary
Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.
Severity ?
No CVSS data available.
CWE
- DOM-Based XSS
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z |
Affected:
Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"name": "lenovo-cve20168232-xss(121443)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"name": "95839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95839"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z"
}
]
}
],
"datePublic": "2017-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM\u0027s IP address to send a crafted URL that could inject a malicious script to access a user\u0027s AMM data such as cookies or other session information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DOM-Based XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-03T20:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"name": "lenovo-cve20168232-xss(121443)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"name": "95839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95839"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2016-8232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z",
"version": {
"version_data": [
{
"version_value": "Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM\u0027s IP address to send a crafted URL that could inject a malicious script to access a user\u0027s AMM data such as cookies or other session information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DOM-Based XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-5700",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-5700"
},
{
"name": "lenovo-cve20168232-xss(121443)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121443"
},
{
"name": "95839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95839"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2016-8232",
"datePublished": "2017-03-01T21:00:00",
"dateReserved": "2016-09-16T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0860 (GCVE-0-2014-0860)
Vulnerability from nvd – Published: 2014-07-07 10:00 – Updated: 2024-08-06 09:27
VLAI?
Summary
The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:20.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-bladecenter-cve20140860-info-disc(90880)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-bladecenter-cve20140860-info-disc(90880)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-bladecenter-cve20140860-info-disc(90880)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90880"
},
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0860",
"datePublished": "2014-07-07T10:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:27:20.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6718 (GCVE-0-2013-6718)
Vulnerability from nvd – Published: 2013-12-01 02:00 – Updated: 2024-08-06 17:46
VLAI?
Summary
The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"name": "55921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55921"
},
{
"name": "bladecenter-amm-cve20136718-expose-cred(89174)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"name": "100397",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/100397"
},
{
"name": "64032",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"name": "55921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55921"
},
{
"name": "bladecenter-amm-cve20136718-expose-cred(89174)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"name": "100397",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/100397"
},
{
"name": "64032",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-6718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718"
},
{
"name": "55921",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55921"
},
{
"name": "bladecenter-amm-cve20136718-expose-cred(89174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89174"
},
{
"name": "100397",
"refsource": "OSVDB",
"url": "http://osvdb.org/100397"
},
{
"name": "64032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-6718",
"datePublished": "2013-12-01T02:00:00",
"dateReserved": "2013-11-08T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3935 (GCVE-0-2009-3935)
Vulnerability from nvd – Published: 2009-11-12 16:00 – Updated: 2024-09-16 19:55
VLAI?
Summary
Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36970",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-12T16:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36970",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36970",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"name": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg",
"refsource": "CONFIRM",
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3935",
"datePublished": "2009-11-12T16:00:00Z",
"dateReserved": "2009-11-12T00:00:00Z",
"dateUpdated": "2024-09-16T19:55:50.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}