All the vulnerabilites related to ibm - flex_system_x880_x6
cve-2018-9085
Vulnerability from cvelistv5
Published
2018-11-16 14:00
Modified
2024-08-05 07:17
Severity ?
EPSS score ?
Summary
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.lenovo.com/us/en/solutions/LEN-24477 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Lenovo | System x UEFI |
Version: unspecified < varies |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:50.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System x UEFI",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "varies",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "System x UEFI",
"vendor": "IBM",
"versions": [
{
"lessThan": "varies",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-16T13:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
}
],
"solutions": [
{
"lang": "en",
"value": "Update UEFI firmware"
}
],
"source": {
"advisory": "LEN-24477",
"discovery": "INTERNAL"
},
"title": "Missing System x Flash Memory Write Protection Lock Bit",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2018-9085",
"STATE": "PUBLIC",
"TITLE": "Missing System x Flash Memory Write Protection Lock Bit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System x UEFI",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "varies"
}
]
}
}
]
},
"vendor_name": "Lenovo"
},
{
"product": {
"product_data": [
{
"product_name": "System x UEFI",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "varies"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-24477",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update UEFI firmware"
}
],
"source": {
"advisory": "LEN-24477",
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2018-9085",
"datePublished": "2018-11-16T14:00:00",
"dateReserved": "2018-03-27T00:00:00",
"dateUpdated": "2024-08-05T07:17:50.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-4768
Vulnerability from cvelistv5
Published
2015-06-28 22:00
Modified
2024-08-06 11:27
Severity ?
EPSS score ?
Summary
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:27:36.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-28T22:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-4768",
"datePublished": "2015-06-28T22:00:00",
"dateReserved": "2014-07-09T00:00:00",
"dateUpdated": "2024-08-06T11:27:36.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2015-06-28 22:59
Modified
2024-11-21 02:10
Severity ?
Summary
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | uefi | * | |
| ibm | flex_system_x3850_x6 | * | |
| ibm | flex_system_x3950_x6 | * | |
| ibm | flex_system_x880_x6 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:uefi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA7C145-0800-4994-BE33-5441F9FA5D89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x3850_x6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1618B4-B532-4E1C-A515-D6592A7EBEFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x3950_x6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBAFC8E0-6442-45F2-A5B5-9BFB523BC445",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ibm:flex_system_x880_x6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDC087B-B5AF-4E46-BBE2-C42D78B74051",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode."
},
{
"lang": "es",
"value": "IBM Unified Extensible Firmware Interface (UEFI) en los dispositivos Flex System x880 X6, System x3850 X6, y System x3950 X6 permite a usuarios remotos autenticados causar una denegaci\u00f3n temporal no especificado de servicio mediante el uso del acceso privilegiado a habilitar un modo de inicio de legado."
}
],
"id": "CVE-2014-4768",
"lastModified": "2024-11-21T02:10:51.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-28T22:59:00.080",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098278"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-16 14:29
Modified
2024-11-21 04:14
Severity ?
Summary
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@lenovo.com | https://support.lenovo.com/us/en/solutions/LEN-24477 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/solutions/LEN-24477 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4615A750-2A3B-47B4-89EE-A3232E19CAF2",
"versionEndExcluding": "a3e122b",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBEEBA90-3902-48F4-AFF2-708C0F1732B6",
"versionEndExcluding": "cge122b",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69B6C713-88F0-46FA-9BA0-A8990742BF56",
"versionEndExcluding": "a5e124b",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC299FF-82AF-4B45-8646-8EEA9A9A7EB6",
"versionEndExcluding": "tke160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hs23:-:*:*:*:*:*:*",
"matchCriteriaId": "F6EB37C6-274D-420A-A870-508105E94A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02CA18F-9C74-4F42-8306-D41CAC6AF823",
"versionEndExcluding": "ahe160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:-:*:*:*:*:*:*",
"matchCriteriaId": "A6035D4E-3B1E-4882-AD00-622A5A14E428",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4A9615-D41C-4D0E-B2F0-2F7193F4FB95",
"versionEndExcluding": "kse158c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD06E939-3D9E-4254-B570-0C9D79E1A6EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "386977A4-311D-48AE-BD40-17F1349F4912",
"versionEndExcluding": "cce160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D66C4AB-D69B-4D90-9F47-C590048582EE",
"versionEndExcluding": "ahe160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "348B1A1E-5617-4EA1-B562-5605EE463AFC",
"versionEndExcluding": "n3e132w",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x280_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F33B121-C777-4D32-B601-B32E3D240761",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3C5FED-59D7-4EB9-BE2F-C0CB0266348D",
"versionEndExcluding": "cne162d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1AFF5F6-2183-448D-A43E-9F13E6219E8D",
"versionEndExcluding": "n3e132w",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x480_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2B5F19-EE82-4DA4-9ACD-505943C4EC8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x880_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7656DBE9-CC1A-441D-95CA-2DC524ECEDE0",
"versionEndExcluding": "n2e130e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x880_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BED0E10-71B6-4323-96F5-B98D4FE7C7AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "088D5D83-67AB-43C4-BFC8-F80F86B24DAA",
"versionEndExcluding": "fhe120d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10ECC957-AC46-4141-9587-2A61F5F0C8D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07F99BB6-2E71-44B0-8910-EE4945EAE096",
"versionEndExcluding": "fhe120d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10ECC957-AC46-4141-9587-2A61F5F0C8D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "075B4B38-E5F0-4B21-9F42-8571C2DE2710",
"versionEndExcluding": "jqe184c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31A654AB-188E-47B2-8C6D-6EA5C824B75B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC44F64-B03F-4BF6-9D18-F800C95F486B",
"versionEndExcluding": "j9e134c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CDF041-DA1B-4657-B86C-6509F3DA4415",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A9A0EF2-F0DF-46EB-BBE1-5CE2A9F346F2",
"versionEndExcluding": "jqe184c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A1D29C-9491-4577-AB46-42924DB2B280",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9278E60-F61A-4BD6-974D-428F9328A97C",
"versionEndExcluding": "jue134c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD67192C-7833-40CB-9CCD-7ADBDC07BE47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B251FABB-7A74-4A00-9A6A-E1D5010F789F",
"versionEndExcluding": "yae156c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3300_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB437E6F-4A5B-4335-B6C3-0C061D630DF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0AEA8A-4BC9-46FC-A939-A72A4C2FBE47",
"versionEndExcluding": "y5e158c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3500_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "654187EE-51E9-4AC8-8563-9DD24BB97C5E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADB7945-EE70-42C6-91B6-F593CC246F4A",
"versionEndExcluding": "bee164c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3530_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "122C6446-D5A2-446F-89B7-FD6742A36CEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B343AFD4-F139-41CF-9BA1-8CC81AC5F94D",
"versionEndExcluding": "d7e166d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3550_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7F4041-3E49-4C34-BCF1-E924690E7947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B811AAAD-7526-45DB-9506-2DF80EADD2BD",
"versionEndExcluding": "vve162c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3630_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59A6CC3F-EC19-408C-996E-AF260289F81B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73592E6B-511F-47DA-BE96-E485AB8B0C84",
"versionEndExcluding": "vve160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A50E12D4-7631-4FF3-9390-BE1893468310",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED733CEF-494D-4770-8A9B-5AFDA89FC689",
"versionEndExcluding": "vve160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D37B42B3-A246-4C15-BC87-E821246EAF1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D526F5A8-6411-445E-9EAA-29AD7AD98834",
"versionEndExcluding": "vve160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66850147-3473-4092-A79B-B42BFEC652FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA3F56B-6163-4FEC-8BFC-8DC45928F175",
"versionEndExcluding": "koe160c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3750_m4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2C1FAF-46C5-4FB0-AA16-FB731CF77944",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D289168-1A35-48DA-8CA2-38DA52046CB3",
"versionEndExcluding": "a8e128c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3850_x6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74A84455-9F94-4934-93ED-623BC81A1406",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E50A5B5-5EAF-41C2-8FFF-430F8D13AC22",
"versionEndExcluding": "bee164c",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3950_x6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D27C8F43-4900-4A12-9A99-D833DDD51B6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."
},
{
"lang": "es",
"value": "Se ha dejado sin establecer un bit de bloqueo de protecci\u00f3n de escritura tras el arranque en una generaci\u00f3n m\u00e1s antigua de los servidores x de Lenovo y IBM System, lo que podr\u00eda permitir que un atacante con acceso de administrador modifique el subconjunto de memoria flash que contiene Intel SPS (Server Platform Services) y los descriptores flash del sistema."
}
],
"id": "CVE-2018-9085",
"lastModified": "2024-11-21T04:14:56.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-16T14:29:00.427",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}