All the vulnerabilites related to ibm - system_x3250_m4
Vulnerability from fkie_nvd
Published
2013-08-09 23:55
Modified
2024-11-21 01:54
Severity ?
Summary
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
psirt@us.ibm.comhttp://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463Vendor Advisory
psirt@us.ibm.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/86173
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/86173
Impacted products
Vendor Product Version
ibm bladecenter hs22
ibm bladecenter hs22v
ibm bladecenter hs23
ibm bladecenter hs23e
ibm bladecenter hx5
ibm flex_system_x220_compute_node -
ibm flex_system_x240_compute_node -
ibm flex_system_x440_compute_node -
ibm system_x_idataplex_dx360_m2_server -
ibm system_x_idataplex_dx360_m3_server -
ibm system_x_idataplex_dx360_m4_server -
ibm system_x3100_m4 -
ibm system_x3200_m3 -
ibm system_x3250_m3 -
ibm system_x3250_m4 -
ibm system_x3400_m2 -
ibm system_x3400_m3 -
ibm system_x3500_m2 -
ibm system_x3500_m3 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m2 -
ibm system_x3550_m3 -
ibm system_x3550_m4 -
ibm system_x3620_m3 -
ibm system_x3630_m3 -
ibm system_x3630_m4 -
ibm system_x3650_m2 -
ibm system_x3650_m3 -
ibm system_x3650_m4 -
ibm system_x3690_x5 -
ibm system_x3750_m4 -
ibm system_x3850_x5 -
ibm system_x3950_x5 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*",
              "matchCriteriaId": "1052332C-2892-4E69-8180-305039D6AF20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*",
              "matchCriteriaId": "1245D63B-4A91-4934-8DD8-49B4A10F33A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*",
              "matchCriteriaId": "A633BBA0-4330-41DE-AAAE-D568D9E7442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*",
              "matchCriteriaId": "8644F48F-5032-48CB-B921-0CCC8E233347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*",
              "matchCriteriaId": "929B68CB-91CD-40EB-87A0-BD66E25922E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DCE85E-FB2D-49D4-863F-5D3458A674D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF9E83E-9526-49EC-8B32-4E896C1DFD54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB89722F-2C12-49A8-9A6E-02842EBF77B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5F6076-DF5F-44E0-8CCF-BD1A9E2FE5C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED62921-B746-41DC-951F-4BD80EC32A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4ABB5B-C1F0-4FEE-9879-3F9E023D5AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3200_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87D7B9E-BDD0-41D8-9A2B-CE989FA3888B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3CD99D-F823-49A9-A9F4-6DE615358447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3400_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F09E64-4A8E-4C24-8699-ED0D4CD5BBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3400_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1890F42C-E455-4D81-86BA-E7E5E1B8D295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69ED256E-420A-42D7-B5EC-301097A4020F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02507B59-A854-43B1-B14D-E0CEA10FF62A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "247AFC7C-CAF6-46C5-82A4-7DF045C2E9D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E33754-643B-41FD-A751-4E1A029EFBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3620_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5160AA6-DF5F-4247-BEA6-F17AC1667FA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F76C31D7-C2FF-4DAA-88DB-99EFE7E0BA83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C58073F4-505F-466B-A2F2-B13B70F3A78F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE88C85-1397-447D-9352-9609571E62B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3690_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3230D6FE-71DC-474E-94FE-0052C94AEFA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A7021F-5D6E-4FCB-A155-5EDC76B78167",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86142DE9-2C91-4FCB-9A1B-39AB541C05F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack."
    },
    {
      "lang": "es",
      "value": "El protocolo RAKP soportado en la implementaci\u00f3n Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, and System x3###, env\u00eda una contrase\u00f1a hash al cliente, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos obtener acceso a trav\u00e9s de un ataque de fuerza bruta."
    }
  ],
  "id": "CVE-2013-4037",
  "lastModified": "2024-11-21T01:54:45.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-08-09T23:55:02.863",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86173"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-08-09 23:55
Modified
2024-11-21 01:54
Severity ?
Summary
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors.
References
psirt@us.ibm.comhttp://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463Vendor Advisory
psirt@us.ibm.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/86172
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/86172
Impacted products
Vendor Product Version
ibm bladecenter hs22
ibm bladecenter hs22v
ibm bladecenter hs23
ibm bladecenter hs23e
ibm bladecenter hx5
ibm flex_system_x220_compute_node -
ibm flex_system_x240_compute_node -
ibm flex_system_x440_compute_node -
ibm system_x_idataplex_dx360_m2_server -
ibm system_x_idataplex_dx360_m3_server -
ibm system_x_idataplex_dx360_m4_server -
ibm system_x3100_m4 -
ibm system_x3200_m3 -
ibm system_x3250_m3 -
ibm system_x3250_m4 -
ibm system_x3400_m2 -
ibm system_x3400_m3 -
ibm system_x3500_m2 -
ibm system_x3500_m3 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m2 -
ibm system_x3550_m3 -
ibm system_x3550_m4 -
ibm system_x3620_m3 -
ibm system_x3630_m3 -
ibm system_x3630_m4 -
ibm system_x3650_m2 -
ibm system_x3650_m3 -
ibm system_x3650_m4 -
ibm system_x3690_x5 -
ibm system_x3750_m4 -
ibm system_x3850_x5 -
ibm system_x3950_x5 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*",
              "matchCriteriaId": "1052332C-2892-4E69-8180-305039D6AF20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*",
              "matchCriteriaId": "1245D63B-4A91-4934-8DD8-49B4A10F33A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*",
              "matchCriteriaId": "A633BBA0-4330-41DE-AAAE-D568D9E7442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*",
              "matchCriteriaId": "8644F48F-5032-48CB-B921-0CCC8E233347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*",
              "matchCriteriaId": "929B68CB-91CD-40EB-87A0-BD66E25922E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DCE85E-FB2D-49D4-863F-5D3458A674D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF9E83E-9526-49EC-8B32-4E896C1DFD54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB89722F-2C12-49A8-9A6E-02842EBF77B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5F6076-DF5F-44E0-8CCF-BD1A9E2FE5C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED62921-B746-41DC-951F-4BD80EC32A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4ABB5B-C1F0-4FEE-9879-3F9E023D5AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3200_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87D7B9E-BDD0-41D8-9A2B-CE989FA3888B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3CD99D-F823-49A9-A9F4-6DE615358447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3400_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F09E64-4A8E-4C24-8699-ED0D4CD5BBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3400_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1890F42C-E455-4D81-86BA-E7E5E1B8D295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69ED256E-420A-42D7-B5EC-301097A4020F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02507B59-A854-43B1-B14D-E0CEA10FF62A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "247AFC7C-CAF6-46C5-82A4-7DF045C2E9D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E33754-643B-41FD-A751-4E1A029EFBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3620_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5160AA6-DF5F-4247-BEA6-F17AC1667FA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F76C31D7-C2FF-4DAA-88DB-99EFE7E0BA83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C58073F4-505F-466B-A2F2-B13B70F3A78F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE88C85-1397-447D-9352-9609571E62B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3690_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3230D6FE-71DC-474E-94FE-0052C94AEFA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A7021F-5D6E-4FCB-A155-5EDC76B78167",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86142DE9-2C91-4FCB-9A1B-39AB541C05F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, y System x3### tiene una contrase\u00f1a predeterminada para una cuenta de usuario IPMI, lo que hace m\u00e1s f\u00e1cil para los atacantes remotos realizar el encendido, apagado, reinicio, o a\u00f1adir o modificar las cuentas, a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2013-4031",
  "lastModified": "2024-11-21T01:54:45.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-08-09T23:55:02.840",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86172"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86172"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-01-26 19:29
Modified
2024-11-21 03:26
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease.
References
psirt@lenovo.comhttps://support.lenovo.com/us/en/product_security/LEN-14450Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/product_security/LEN-14450Vendor Advisory
Impacted products
Vendor Product Version
lenova flex_system_x240_m5_firmware *
lenova flex_system_x240_m5 -
lenova flex_system_x280_x6_firmware *
lenova flex_system_x280_x6 -
lenova flex_system_x440_m4_firmware *
lenova flex_system_x440_m4 -
lenova flex_system_x480_x6_firmware *
lenova flex_system_x480_x6 -
lenova flex_system_x880_firmware *
lenova flex_system_x880 -
lenova nextscale_nx360_m5_firmware *
lenova nextscale_nx360_m5 -
lenova system_x3250_m6_firmware *
lenova system_x3250_m6 -
lenova system_x3500_m5_firmware *
lenova system_x3500_m5 -
lenova system_x3550_m5_firmware *
lenova system_x3550_m5 -
lenova system_x3650_m5_firmware *
lenova system_x3650_m5 -
lenova system_x3750_m4_firmware *
lenova system_x3750_m4 -
lenova system_x3850_x6_firmware *
lenova system_x3850_x6 -
lenova system_x3950_x6_firmware *
lenova system_x3950_x6 -
lenova flex_system_x240_m4_firmware *
lenova flex_system_x240_m4 -
ibm bladecenter_hs22_firmware *
ibm bladecenter_hs22 -
ibm bladecenter_hs23_firmware *
ibm bladecenter_hs23 -
ibm bladecenter_hs23e_firmware *
ibm bladecenter_hs23e -
ibm flex_system_x220_m4_firmware *
ibm flex_system_x220_m4 -
ibm flex_system_x222_m4_firmware *
ibm flex_system_x222_m4 -
ibm flex_system_x240_m4_firmware *
ibm flex_system_x240_m4 -
ibm flex_system_x280_m4_firmware *
ibm flex_system_x280_m4 -
ibm flex_system_x440_m4_firmware *
ibm flex_system_x440_m4 -
ibm flex_system_x480_m4_firmware *
ibm flex_system_x480_m4 -
ibm flex_system_x880_m4_firmware *
ibm flex_system_x880_m4 -
ibm idataplex_dx360_m4_firmware *
ibm idataplex_dx360_m4 -
ibm idataplex_dx360_m4_water_cooled_firmware *
ibm idataplex_dx360_m4_water_cooled -
ibm nextscale_nx360_m4_firmware *
ibm nextscale_nx360_m4 -
ibm system_x3100_m4_firmware *
ibm system_x3100_m4 -
ibm system_x3100_m5_firmware *
ibm system_x3100_m5 -
ibm system_x3250_m4_firmware *
ibm system_x3250_m4 -
ibm system_x3250_m5_firmware *
ibm system_x3250_m5 -
ibm system_x3300_m4_firmware *
ibm system_x3300_m4 -
ibm system_x3500_m4_firmware *
ibm system_x3500_m4 -
ibm system_x3530_m4_firmware *
ibm system_x3530_m4 -
ibm system_x3550_m4_firmware *
ibm system_x3550_m4 -
ibm system_x3630_m4_firmware *
ibm system_x3630_m4 -
ibm system_x3650_m4_firmware *
ibm system_x3650_m4 -
ibm system_x3650_m4_bd_firmware *
ibm system_x3650_m4_bd -
ibm system_x3750_m4_firmware *
ibm system_x3750_m4 -
ibm system_x3850_x6_firmware *
ibm system_x3850_x6 -
ibm system_x3950_x6_firmware *
ibm system_x3950_x6 -
ibm system_x3650_m4_hd_firmware *
ibm system_x3650_m4_hd -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:flex_system_x240_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B8ED668-C53C-47A2-A84F-CADC8DB4F3BD",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:flex_system_x240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8C35790-5983-4275-9E27-D369398682B5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "46E6DAE3-7580-47F1-9AFB-181BA9D217D5",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:flex_system_x280_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCCE0FCA-11A5-4AC5-8124-A521723F4EB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A99076DC-8C22-4A11-84E4-91761E4F672D",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9D1BEA1-F4A1-4EF3-A471-35A3D0CDF6E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2A56F99-CA97-4A47-9EA8-967D7F13BC9A",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:flex_system_x480_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A129C381-6732-4498-979E-9E8E70C1D9EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:flex_system_x880_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E9DD33-3559-4590-9D86-998EF3526F34",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:flex_system_x880:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6801CA58-67D9-4E3D-882A-A8327B1194CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:nextscale_nx360_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBD85DC-9E99-45B2-8D9D-DBCE50A02A81",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C9058D6-2BA3-4F58-A55F-9E23F6F175BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3250_m6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AABC1F2-D93F-42DF-98D2-D3B6A956E834",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3250_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B6EFF65-BC96-4D1C-BA54-DAA0DFBCFE4A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3500_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3C0596-EA61-4F48-A820-798CA0EDEE1D",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3500_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B7FF85-F374-48E3-9312-1AB4F4B37E8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3550_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "572732D1-CC28-4F79-8EA0-A536549C8D48",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3550_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8235F1EA-EC94-4BB3-B8CB-B6D251A3EFAD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3650_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D87909-6C74-46BC-9CB8-5965FCC51BB9",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3650_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC6A511-BEF5-4100-A517-3EF5FC67F5F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21D6FFB4-0894-4BD8-8F8F-9E4EE2E69DEA",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7091088-0E95-484D-8185-61BA8E2FE0E2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E94D0BE3-DAC8-49E2-8D2C-CC521DD88E3A",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA3F5C19-BA44-41FD-811E-F9B2CB95E012",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CC24C86-0B33-4927-A320-CCF16EB2F89D",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB9721F-324B-4C61-8A26-8BBA4E348AEA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenova:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9661B216-A753-4607-A922-D7150CD9B569",
              "versionEndExcluding": "4.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenova:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F54F2D5-A9FA-4270-8B3F-F7EFA5B074CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs22_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "755A6821-94AC-4FB5-8431-2A311EB5122B",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7D83555-3984-4403-8148-01BA2E778FC7",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "319A03D6-4081-4457-A2AA-E36000A8D02B",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD0803B-B459-496D-A538-76BA7E93AF2F",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C1ED1F-2920-4514-8BE7-571A5C0DC0C5",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0221C6DB-5ACF-4EC4-BA98-192322706C4F",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x280_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2C015F-81E9-4F65-A71F-0F78F36FCC84",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B522C0-3721-4D1F-B623-57ABA4C39FF8",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x480_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "249E0CF6-0D1F-4684-B4B7-68EEDC299627",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x880_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CAB2B36-1ACB-403E-BFC2-54E042A36C85",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "942B1B2C-031A-48AF-967C-E8947B1E8861",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C180AD0-7956-46E6-95E8-F2B86F98A779",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:nextscale_nx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C3D741-1A79-4859-BA0C-463651D9ED99",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFAB16EB-64D8-40DB-959C-1DE870D6E696",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0FB314-D7CC-4C1A-8767-505D697C05DB",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F78CFCD7-22E9-4B73-A3DC-91354D6EA905",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DCFC11-3642-4B09-A806-F780E6A40554",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C13045D-DB2C-4767-951A-B5650FFEF5DC",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93F6F32-8A99-4835-B466-5EB031533A11",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "907258CB-A7EF-4B8B-A4A6-0A9FB7103C2E",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "952E9BBC-0297-4C9C-972A-08205E5C20E4",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88F20E9-A0A3-466C-A43F-00D825A718EB",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BDF4C26-0A2F-4A52-8E49-8F68461116DD",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1901D6F-8051-4B0F-865B-B17BCDC68BC2",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54091626-95DE-43E6-B599-F1E935F8E5A6",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D7AC260-B3A5-405E-8999-539F90C5E700",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DA7B09-181D-499B-8B44-A8E903E155D1",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB24652-3972-4CD0-9C02-F8C1AE79447E",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease."
    },
    {
      "lang": "es",
      "value": "Un atacante sin privilegios con conectividad al IMM2 podr\u00eda provocar un ataque de denegaci\u00f3n de servicio (DoS) en el IMM2 (versiones anteriores a la 4.4 para Lenovo System x y anteriores a la 6.4 para IBM System x). Inundar el IMM2 con un gran volumen de fallos de autenticaci\u00f3n mediante el Common Information Model (CIM) empleado por LXCA, OneCLI y otras herramientas puede agotar la memoria del sistema disponible. Esto puede provocar que el IMM2 se reinicie hasta que cesen las peticiones."
    }
  ],
  "id": "CVE-2017-3768",
  "lastModified": "2024-11-21T03:26:06.100",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-26T19:29:00.383",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-11-16 14:29
Modified
2024-11-21 04:14
Severity ?
4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
References
psirt@lenovo.comhttps://support.lenovo.com/us/en/solutions/LEN-24477Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/solutions/LEN-24477Vendor Advisory
Impacted products
Vendor Product Version
lenovo flex_system_x240_m4_firmware *
lenovo flex_system_x240_m4 -
lenovo flex_system_x440_m4_firmware *
lenovo flex_system_x440_m4 -
lenovo system_x3750_m4_firmware *
lenovo system_x3750_m4 -
ibm bladecenter_hs23_firmware *
ibm bladecenter hs23
ibm bladecenter_hs23e_firmware *
ibm bladecenter hs23e
ibm flex_system_x220_m4_firmware *
ibm flex_system_x220 -
ibm flex_system_x222_m4_firmware *
ibm flex_system_x222_m4 -
ibm flex_system_x240_m4_firmware *
ibm flex_system_x240_m4 -
ibm flex_system_x280_x6_firmware *
ibm flex_system_x280_x6 -
ibm flex_system_x440_m4_firmware *
ibm flex_system_x440_m4 -
ibm flex_system_x480_x6_firmware *
ibm flex_system_x480_x6 -
ibm flex_system_x880_x6_firmware *
ibm flex_system_x880_x6 -
ibm idataplex_dx360_m4_firmware *
ibm idataplex_dx360_m4_ -
ibm idataplex_dx360_m4_water_cooled_firmware *
ibm idataplex_dx360_m4_ -
ibm system_x3100_m4_firmware *
ibm system_x3100_m4 *
ibm system_x3100_m5_firmware *
ibm system_x3100_m5 *
ibm system_x3250_m4_firmware *
ibm system_x3250_m4 *
ibm system_x3250_m5_firmware *
ibm system_x3250_m5 *
ibm system_x3300_m4_firmware *
ibm system_x3300_m4 *
ibm system_x3500_m4_firmware *
ibm system_x3500_m4 *
ibm system_x3530_m4_firmware *
ibm system_x3530_m4 *
ibm system_x3550_m4_firmware *
ibm system_x3550_m4 *
ibm system_x3630_m4_firmware *
ibm system_x3630_m4 *
ibm system_x3650_m4_firmware *
ibm system_x3650_m4 *
ibm system_x3650_m4_bd_firmware *
ibm system_x3650_m4_bd *
ibm system_x3650_m4_hd_firmware *
ibm system_x3650_m4_hd *
ibm system_x3750_m4_firmware *
ibm system_x3750_m4 *
ibm system_x3850_x6_firmware *
ibm system_x3850_x6 *
ibm system_x3950_x6_firmware *
ibm system_x3950_x6 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4615A750-2A3B-47B4-89EE-A3232E19CAF2",
              "versionEndExcluding": "a3e122b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBEEBA90-3902-48F4-AFF2-708C0F1732B6",
              "versionEndExcluding": "cge122b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69B6C713-88F0-46FA-9BA0-A8990742BF56",
              "versionEndExcluding": "a5e124b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC299FF-82AF-4B45-8646-8EEA9A9A7EB6",
              "versionEndExcluding": "tke160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23:-:*:*:*:*:*:*",
              "matchCriteriaId": "F6EB37C6-274D-420A-A870-508105E94A09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B02CA18F-9C74-4F42-8306-D41CAC6AF823",
              "versionEndExcluding": "ahe160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:-:*:*:*:*:*:*",
              "matchCriteriaId": "A6035D4E-3B1E-4882-AD00-622A5A14E428",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4A9615-D41C-4D0E-B2F0-2F7193F4FB95",
              "versionEndExcluding": "kse158c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD06E939-3D9E-4254-B570-0C9D79E1A6EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "386977A4-311D-48AE-BD40-17F1349F4912",
              "versionEndExcluding": "cce160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D66C4AB-D69B-4D90-9F47-C590048582EE",
              "versionEndExcluding": "ahe160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "348B1A1E-5617-4EA1-B562-5605EE463AFC",
              "versionEndExcluding": "n3e132w",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x280_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F33B121-C777-4D32-B601-B32E3D240761",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3C5FED-59D7-4EB9-BE2F-C0CB0266348D",
              "versionEndExcluding": "cne162d",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1AFF5F6-2183-448D-A43E-9F13E6219E8D",
              "versionEndExcluding": "n3e132w",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x480_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2B5F19-EE82-4DA4-9ACD-505943C4EC8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x880_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7656DBE9-CC1A-441D-95CA-2DC524ECEDE0",
              "versionEndExcluding": "n2e130e",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x880_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BED0E10-71B6-4323-96F5-B98D4FE7C7AB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "088D5D83-67AB-43C4-BFC8-F80F86B24DAA",
              "versionEndExcluding": "fhe120d",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10ECC957-AC46-4141-9587-2A61F5F0C8D4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07F99BB6-2E71-44B0-8910-EE4945EAE096",
              "versionEndExcluding": "fhe120d",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10ECC957-AC46-4141-9587-2A61F5F0C8D4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "075B4B38-E5F0-4B21-9F42-8571C2DE2710",
              "versionEndExcluding": "jqe184c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A654AB-188E-47B2-8C6D-6EA5C824B75B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC44F64-B03F-4BF6-9D18-F800C95F486B",
              "versionEndExcluding": "j9e134c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m5:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CDF041-DA1B-4657-B86C-6509F3DA4415",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A9A0EF2-F0DF-46EB-BBE1-5CE2A9F346F2",
              "versionEndExcluding": "jqe184c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5A1D29C-9491-4577-AB46-42924DB2B280",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9278E60-F61A-4BD6-974D-428F9328A97C",
              "versionEndExcluding": "jue134c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m5:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD67192C-7833-40CB-9CCD-7ADBDC07BE47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B251FABB-7A74-4A00-9A6A-E1D5010F789F",
              "versionEndExcluding": "yae156c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB437E6F-4A5B-4335-B6C3-0C061D630DF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AEA8A-4BC9-46FC-A939-A72A4C2FBE47",
              "versionEndExcluding": "y5e158c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "654187EE-51E9-4AC8-8563-9DD24BB97C5E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EADB7945-EE70-42C6-91B6-F593CC246F4A",
              "versionEndExcluding": "bee164c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "122C6446-D5A2-446F-89B7-FD6742A36CEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B343AFD4-F139-41CF-9BA1-8CC81AC5F94D",
              "versionEndExcluding": "d7e166d",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB7F4041-3E49-4C34-BCF1-E924690E7947",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B811AAAD-7526-45DB-9506-2DF80EADD2BD",
              "versionEndExcluding": "vve162c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A6CC3F-EC19-408C-996E-AF260289F81B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73592E6B-511F-47DA-BE96-E485AB8B0C84",
              "versionEndExcluding": "vve160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A50E12D4-7631-4FF3-9390-BE1893468310",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED733CEF-494D-4770-8A9B-5AFDA89FC689",
              "versionEndExcluding": "vve160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D37B42B3-A246-4C15-BC87-E821246EAF1D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D526F5A8-6411-445E-9EAA-29AD7AD98834",
              "versionEndExcluding": "vve160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66850147-3473-4092-A79B-B42BFEC652FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FA3F56B-6163-4FEC-8BFC-8DC45928F175",
              "versionEndExcluding": "koe160c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E2C1FAF-46C5-4FB0-AA16-FB731CF77944",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D289168-1A35-48DA-8CA2-38DA52046CB3",
              "versionEndExcluding": "a8e128c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x6:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74A84455-9F94-4934-93ED-623BC81A1406",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E50A5B5-5EAF-41C2-8FFF-430F8D13AC22",
              "versionEndExcluding": "bee164c",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x6:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D27C8F43-4900-4A12-9A99-D833DDD51B6E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."
    },
    {
      "lang": "es",
      "value": "Se ha dejado sin establecer un bit de bloqueo de protecci\u00f3n de escritura tras el arranque en una generaci\u00f3n m\u00e1s antigua de los servidores x de Lenovo y IBM System, lo que podr\u00eda permitir que un atacante con acceso de administrador modifique el subconjunto de memoria flash que contiene Intel SPS (Server Platform Services) y los descriptores flash del sistema."
    }
  ],
  "id": "CVE-2018-9085",
  "lastModified": "2024-11-21T04:14:56.817",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-16T14:29:00.427",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-276"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-19 14:29
Modified
2024-11-21 03:26
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption.
References
psirt@lenovo.comhttps://support.lenovo.com/us/en/product_security/LEN-19586Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/product_security/LEN-19586Vendor Advisory
Impacted products
Vendor Product Version
lenovo integrated_management_module_2 *
lenovo flex_system_x240_m4 -
lenovo flex_system_x240_m5 -
lenovo flex_system_x280_x6 -
lenovo flex_system_x440_m4 -
lenovo flex_system_x480_x6 -
lenovo flex_system_x880 -
lenovo nextscale_nx360_m5 -
lenovo system_x3250_m6 -
lenovo system_x3500_m5 -
lenovo system_x3550_m5 -
lenovo system_x3650_m5 -
lenovo system_x3750_m4 -
lenovo system_x3850_x6 -
lenovo system_x3950_x6 -
lenovo integrated_management_module_2 *
ibm bladecenter_hs22 -
ibm bladecenter_hs23 -
ibm bladecenter_hs23e -
ibm flex_system_x220_m4 -
ibm flex_system_x222_m4 -
ibm flex_system_x240_m4 -
ibm flex_system_x280_m4 -
ibm flex_system_x440_m4 -
ibm flex_system_x480_m4 -
ibm flex_system_x880_m4 -
ibm idataplex_dx360_m4 -
ibm idataplex_dx360_m4_water_cooled -
ibm nextscale_nx360_m4 -
ibm system_x3100_m4 -
ibm system_x3100_m5 -
ibm system_x3250_m4 -
ibm system_x3250_m5 -
ibm system_x3300_m4 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m4 -
ibm system_x3630_m4 -
ibm system_x3650_m4 -
ibm system_x3650_m4_bd -
ibm system_x3650_m4_hd -
ibm system_x3750_m4 -
ibm system_x3850_x6 -
ibm system_x3950_x6 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lenovo:integrated_management_module_2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304A99D-9E06-43AA-9D67-195BCA4D10E7",
              "versionEndExcluding": "4.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D2CE7A5-1CEE-40C4-BE0E-573C28663A11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x280_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1563A13F-2E56-4E83-9C16-68B2C81843DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x480_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86B6B27-0E42-47C1-B2D9-A6C5B1364D9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x880:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68ED17ED-BE60-4EE3-9599-C88C3C7A626C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "723D2A74-F6F3-4C73-AFD9-CDAE930D0FB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3250_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89A2206-7012-4938-9BE2-ACF014E3F3B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3500_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC3467C-3F00-4EE3-B40E-3AE7F93094DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3550_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57A78B63-6588-4C40-BEBB-88C8DF467A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3650_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "145F0B3C-A945-443B-AB08-329F72358801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70A2471-D476-4FB7-8D1F-FEE0E4BF460C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A3A89F-CB39-4E76-BC64-3C4F4788FB8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lenovo:integrated_management_module_2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E813F6-4EB2-4E3D-AD4D-7D8EB1BFB71D",
              "versionEndExcluding": "6.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto una vulnerabilidad de desbordamiento de pila en el servicio de administraci\u00f3n web en Integrated Management Module 2 (IMM2), en versiones anteriores a la 4.70 empleadas en algunos servidores de Lenovo y en versiones anteriores a la 6.60 empleadas en algunos servidores de IBM. Un atacante que proporcione una combinaci\u00f3n de ID y contrase\u00f1a manipulados puede hacer que una porci\u00f3n de la rutina de autenticaci\u00f3n desborde su pila, lo que provoca una corrupci\u00f3n de la pila."
    }
  ],
  "id": "CVE-2017-3774",
  "lastModified": "2024-11-21T03:26:06.600",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T14:29:00.357",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/LEN-19586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/LEN-19586"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-01-21 01:55
Modified
2024-11-21 01:54
Severity ?
Summary
Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.
References
psirt@us.ibm.comhttp://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301Vendor Advisory
psirt@us.ibm.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/86068
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/86068
Impacted products
Vendor Product Version
ibm integrated_management_module_2 1.00
ibm integrated_management_module_2 2.00
ibm bladecenter hs23
ibm bladecenter hs23e
ibm flex_system_manager_node_7955 -
ibm flex_system_manager_node_8731 -
ibm flex_system_manager_node_8734 -
ibm flex_system_x220_compute_node -
ibm flex_system_x240_compute_node -
ibm flex_system_x440_compute_node -
ibm system_x_idataplex_direct_water_cooled_dx360_m4_server -
ibm system_x_idataplex_dx360_m4_server -
ibm system_x3100_m4 -
ibm system_x3250_m4 -
ibm system_x3300_m4 -
ibm system_x3500_m2 -
ibm system_x3500_m3 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m2 -
ibm system_x3550_m3 -
ibm system_x3550_m4 -
ibm system_x3630_m3 -
ibm system_x3630_m4 -
ibm system_x3630_m4_hd -
ibm system_x3650_m2 -
ibm system_x3650_m3 -
ibm system_x3650_m4 -
ibm system_x3650_m4_hd -
ibm system_x3690_x5 -
ibm system_x3750_m4 -
ibm system_x3850_x5 -
ibm system_x3950_x5 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:integrated_management_module_2:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "365DA842-58EB-422E-9DE2-EDCA63BE0600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:integrated_management_module_2:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ACD330F-69B2-4C9C-AF1E-14DDC84B6C68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*",
              "matchCriteriaId": "A633BBA0-4330-41DE-AAAE-D568D9E7442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*",
              "matchCriteriaId": "8644F48F-5032-48CB-B921-0CCC8E233347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_manager_node_7955:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A537D2-61E1-44D1-BDCC-250E4FD42CAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_manager_node_8731:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37D3256-F4C1-46B6-9168-C572321DDF60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_manager_node_8734:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C453D5-F8D3-4945-9880-61743E1949C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DCE85E-FB2D-49D4-863F-5D3458A674D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF9E83E-9526-49EC-8B32-4E896C1DFD54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB89722F-2C12-49A8-9A6E-02842EBF77B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_direct_water_cooled_dx360_m4_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EA69662-2ED2-4CA7-BE7B-DEA1380A9EF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4ABB5B-C1F0-4FEE-9879-3F9E023D5AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69ED256E-420A-42D7-B5EC-301097A4020F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02507B59-A854-43B1-B14D-E0CEA10FF62A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "247AFC7C-CAF6-46C5-82A4-7DF045C2E9D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E33754-643B-41FD-A751-4E1A029EFBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F76C31D7-C2FF-4DAA-88DB-99EFE7E0BA83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A6BD72-DC1E-4760-AFEE-9D1C8EE1C97F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C58073F4-505F-466B-A2F2-B13B70F3A78F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE88C85-1397-447D-9352-9609571E62B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3690_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3230D6FE-71DC-474E-94FE-0052C94AEFA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A7021F-5D6E-4FCB-A155-5EDC76B78167",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86142DE9-2C91-4FCB-9A1B-39AB541C05F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic."
    },
    {
      "lang": "es",
      "value": "Integrated Management Module (IMM) 2 1.00 hasta 2.00 de los servidores IBM System X y  Flex  System  soporta  conjuntos de cifrado SSL con claves cortas, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos romper la proteccion criptografica de los mecanismos de  de cifrado a trav\u00e9s de (1) un ataque de fuerza bruta contra SSL o (2) El tr\u00e1fico TLS."
    }
  ],
  "id": "CVE-2013-4030",
  "lastModified": "2024-11-21T01:54:44.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-21T01:55:03.480",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86068"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-06-20 00:29
Modified
2024-11-21 03:26
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
References
psirt@lenovo.comhttps://support.lenovo.com/product_security/LEN-14054Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/product_security/LEN-14054Vendor Advisory
Impacted products
Vendor Product Version
lenovo integrated_management_module_firmware *
lenovo flex_system_x240_m4 -
lenovo flex_system_x240_m5 -
lenovo flex_system_x280_x6 -
lenovo flex_system_x440_m4 -
lenovo flex_system_x480_x6 -
lenovo flex_system_x880 -
lenovo nextscale_nx360_m5 -
lenovo system_x3250_m6 -
lenovo system_x3500_m5 -
lenovo system_x3550_m5 -
lenovo system_x3650_m5 -
lenovo system_x3750_m4 -
lenovo system_x3850_x6 -
lenovo system_x3950_x6 -
lenovo thinkagile_cx2200 -
lenovo thinkagile_cx4200 -
lenovo thinkagile_cx4600 -
ibm integrated_management_module_firmware *
ibm bladecenter_hs22 -
ibm bladecenter_hs23 -
ibm bladecenter_hs23e -
ibm flex_system_x220_m4 -
ibm flex_system_x222_m4 -
ibm flex_system_x240_m4 -
ibm flex_system_x280_m4 -
ibm flex_system_x440_m4 -
ibm flex_system_x480_m4 -
ibm flex_system_x880_m4 -
ibm idataplex_dx360_m4 -
ibm idataplex_dx360_m4_water_cooled -
ibm nextscale_nx360_m4 -
ibm system_x3100_m4 -
ibm system_x3100_m5 -
ibm system_x3250_m4 -
ibm system_x3250_m5 -
ibm system_x3300_m4 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m4 -
ibm system_x3630_m4 -
ibm system_x3650_m4 -
ibm system_x3650_m4_bd -
ibm system_x3650_m4_hd -
ibm system_x3750_m4 -
ibm system_x3850_x6 -
ibm system_x3950_x6 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CA6D55A-5391-4B6F-A399-A0449A1EBD8B",
              "versionEndIncluding": "4.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D2CE7A5-1CEE-40C4-BE0E-573C28663A11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x280_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1563A13F-2E56-4E83-9C16-68B2C81843DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x480_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86B6B27-0E42-47C1-B2D9-A6C5B1364D9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x880:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68ED17ED-BE60-4EE3-9599-C88C3C7A626C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "723D2A74-F6F3-4C73-AFD9-CDAE930D0FB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3250_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89A2206-7012-4938-9BE2-ACF014E3F3B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3500_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC3467C-3F00-4EE3-B40E-3AE7F93094DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3550_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57A78B63-6588-4C40-BEBB-88C8DF467A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3650_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "145F0B3C-A945-443B-AB08-329F72358801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70A2471-D476-4FB7-8D1F-FEE0E4BF460C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A3A89F-CB39-4E76-BC64-3C4F4788FB8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:thinkagile_cx2200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA2F515-2E29-4478-AE61-9C513CC6901B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:thinkagile_cx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC339542-79DA-45AB-B488-C99D1FEB8359",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:lenovo:thinkagile_cx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "987FB06B-F349-48D5-B46C-CF23BD6B6811",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "740F81FC-AD9F-4AA0-9A32-7363363B7AEC",
              "versionEndIncluding": "6.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands."
    },
    {
      "lang": "es",
      "value": "En el firmware IMM2 de los servidores Lenovo System x, los comandos remotos enviados por LXCA u otras utilidades pueden ser capturados en el registro del servicio First Failure Data Capture (FFDC) si el registro del servicio se genera cuando ese comando remoto est\u00e1 en ejecuci\u00f3n. Los datos de comando capturados podr\u00edan contener informaci\u00f3n de inicio de sesi\u00f3n en texto claro. Los usuarios autorizados que pueden capturar y exportar datos de registro del servicio FFDC podr\u00edan tener acceso a estos comandos remotos."
    }
  ],
  "id": "CVE-2017-3744",
  "lastModified": "2024-11-21T03:26:03.203",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-20T00:29:00.330",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/product_security/LEN-14054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/product_security/LEN-14054"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-08-09 23:55
Modified
2024-11-21 01:54
Severity ?
Summary
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.
References
psirt@us.ibm.comhttp://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463Vendor Advisory
psirt@us.ibm.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/86174
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/86174
Impacted products
Vendor Product Version
ibm bladecenter hs22
ibm bladecenter hs22v
ibm bladecenter hs23
ibm bladecenter hs23e
ibm bladecenter hx5
ibm flex_system_x220_compute_node -
ibm flex_system_x240_compute_node -
ibm flex_system_x440_compute_node -
ibm system_x_idataplex_dx360_m2_server -
ibm system_x_idataplex_dx360_m3_server -
ibm system_x_idataplex_dx360_m4_server -
ibm system_x3100_m4 -
ibm system_x3200_m3 -
ibm system_x3250_m3 -
ibm system_x3250_m4 -
ibm system_x3400_m2 -
ibm system_x3400_m3 -
ibm system_x3500_m2 -
ibm system_x3500_m3 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m2 -
ibm system_x3550_m3 -
ibm system_x3550_m4 -
ibm system_x3620_m3 -
ibm system_x3630_m3 -
ibm system_x3630_m4 -
ibm system_x3650_m2 -
ibm system_x3650_m3 -
ibm system_x3650_m4 -
ibm system_x3690_x5 -
ibm system_x3750_m4 -
ibm system_x3850_x5 -
ibm system_x3950_x5 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*",
              "matchCriteriaId": "1052332C-2892-4E69-8180-305039D6AF20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*",
              "matchCriteriaId": "1245D63B-4A91-4934-8DD8-49B4A10F33A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*",
              "matchCriteriaId": "A633BBA0-4330-41DE-AAAE-D568D9E7442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*",
              "matchCriteriaId": "8644F48F-5032-48CB-B921-0CCC8E233347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*",
              "matchCriteriaId": "929B68CB-91CD-40EB-87A0-BD66E25922E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DCE85E-FB2D-49D4-863F-5D3458A674D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF9E83E-9526-49EC-8B32-4E896C1DFD54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB89722F-2C12-49A8-9A6E-02842EBF77B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5F6076-DF5F-44E0-8CCF-BD1A9E2FE5C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED62921-B746-41DC-951F-4BD80EC32A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4ABB5B-C1F0-4FEE-9879-3F9E023D5AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3200_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87D7B9E-BDD0-41D8-9A2B-CE989FA3888B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3CD99D-F823-49A9-A9F4-6DE615358447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3400_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F09E64-4A8E-4C24-8699-ED0D4CD5BBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3400_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1890F42C-E455-4D81-86BA-E7E5E1B8D295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69ED256E-420A-42D7-B5EC-301097A4020F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02507B59-A854-43B1-B14D-E0CEA10FF62A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "247AFC7C-CAF6-46C5-82A4-7DF045C2E9D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E33754-643B-41FD-A751-4E1A029EFBD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3620_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5160AA6-DF5F-4247-BEA6-F17AC1667FA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F76C31D7-C2FF-4DAA-88DB-99EFE7E0BA83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C58073F4-505F-466B-A2F2-B13B70F3A78F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE88C85-1397-447D-9352-9609571E62B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3690_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3230D6FE-71DC-474E-94FE-0052C94AEFA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A7021F-5D6E-4FCB-A155-5EDC76B78167",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86142DE9-2C91-4FCB-9A1B-39AB541C05F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n Intelligent Platform Management Interface (IPMI) en Integrated Management Module (IMM) y Integrated Management Module II (IMM2) en servidores IBM BladeCenter, Flex System, System x iDataPlex, y System x3###, utiliza texto claro para el almacenamiento de contrase\u00f1as, lo que permite a atacantes, seg\u00fan el contexto, obtener informaci\u00f3n confidencial mediante la lectura de un archivo."
    }
  ],
  "id": "CVE-2013-4038",
  "lastModified": "2024-11-21T01:54:45.943",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-08-09T23:55:02.890",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86174"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-04-22 16:29
Modified
2024-11-21 04:46
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.
References
psirt@lenovo.comhttps://support.lenovo.com/solutions/LEN-25667Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/solutions/LEN-25667Patch, Vendor Advisory
Impacted products
Vendor Product Version
lenovo flex_system_x240_m4_firmware *
lenovo flex_system_x240_m4 -
lenovo flex_system_x240_m5_firmware *
lenovo flex_system_x240_m5 -
lenovo flex_system_x280_x6_firmware *
lenovo flex_system_x280_x6 -
lenovo flex_system_x440_m4_firmware *
lenovo flex_system_x440_m4 -
lenovo flex_system_x480_x6_firmware *
lenovo flex_system_x480_x6 -
lenovo flex_system_x880_firmware *
lenovo flex_system_x880 -
lenovo nextscale_nx360_m5_firmware *
lenovo nextscale_nx360_m5 -
lenovo system_x3250_m6_firmware *
lenovo system_x3250_m6 -
lenovo system_x3500_m5_firmware *
lenovo system_x3500_m5 -
lenovo system_x3550_m5_firmware *
lenovo system_x3550_m5 -
lenovo system_x3650_m5_firmware *
lenovo system_x3650_m5 -
lenovo system_x3750_m4_firmware *
lenovo system_x3750_m4 -
lenovo system_x3850_x6_firmware *
lenovo system_x3850_x6 -
lenovo system_x3950_x6_firmware *
lenovo system_x3950_x6 -
ibm bladecenter_hs22_firmware *
ibm bladecenter_hs22 -
ibm bladecenter_hs23_firmware *
ibm bladecenter_hs23 -
ibm bladecenter_hs23e_firmware *
ibm bladecenter_hs23e -
ibm flex_system_x220_m4_firmware *
ibm flex_system_x220_m4 -
ibm flex_system_x222_m4_firmware *
ibm flex_system_x222_m4 -
ibm flex_system_x240_m4_firmware *
ibm flex_system_x240_m4 -
ibm flex_system_x280_m4_firmware *
ibm flex_system_x280_m4 -
ibm flex_system_x440_m4_firmware *
ibm flex_system_x440_m4 -
ibm flex_system_x480_m4_firmware *
ibm flex_system_x480_m4 -
ibm flex_system_x880_m4_firmware *
ibm flex_system_x880_m4 -
ibm idataplex_dx360_m4_firmware *
ibm idataplex_dx360_m4 -
ibm idataplex_dx360_m4_water_cooled_firmware *
ibm idataplex_dx360_m4_water_cooled -
ibm nextscale_nx360_m4_firmware *
ibm nextscale_nx360_m4 -
ibm system_x3100_m4_firmware *
ibm system_x3100_m4 -
ibm system_x3100_m5_firmware *
ibm system_x3100_m5 -
ibm system_x3250_m4_firmware *
ibm system_x3250_m4 -
ibm system_x3250_m5_firmware *
ibm system_x3250_m5 -
ibm system_x3300_m4_firmware *
ibm system_x3300_m4 -
ibm system_x3500_m4_firmware *
ibm system_x3500_m4 -
ibm system_x3530_m4_firmware *
ibm system_x3530_m4 -
ibm system_x3550_m4_firmware *
ibm system_x3550_m4 -
ibm system_x3630_m4_firmware *
ibm system_x3630_m4 -
ibm system_x3650_m4_firmware *
ibm system_x3650_m4 -
ibm system_x3650_m4_bd_firmware *
ibm system_x3650_m4_bd -
ibm system_x3650_m4_hd_firmware *
ibm system_x3650_m4_hd -
ibm system_x3750_m4_firmware *
ibm system_x3750_m4 -
ibm system_x3850_x6_firmware *
ibm system_x3850_x6 -
ibm system_x3950_x6_firmware *
ibm system_x3950_x6 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53CEEB99-4678-4E88-998D-568125E34452",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x240_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96EDEC86-B1ED-429E-B81F-60D1E2B04343",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D2CE7A5-1CEE-40C4-BE0E-573C28663A11",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CAF102E-E6FE-42BF-A6FF-FE4B2CD0FECA",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x280_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1563A13F-2E56-4E83-9C16-68B2C81843DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E0B3FD1-BEC8-44E3-83A6-7CA7DA0F4384",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC00496-EA80-4E04-BEDE-DB5BCD20238C",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x480_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86B6B27-0E42-47C1-B2D9-A6C5B1364D9A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x880_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBF13D6E-F338-47B4-A92D-7D9CA4615C71",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x880:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68ED17ED-BE60-4EE3-9599-C88C3C7A626C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:nextscale_nx360_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5B342CC-D7FD-4173-8244-B9DB6FBF9202",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "723D2A74-F6F3-4C73-AFD9-CDAE930D0FB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3250_m6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF43263-734C-4CE7-B5F5-6D9BEE40B175",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3250_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89A2206-7012-4938-9BE2-ACF014E3F3B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3500_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E518BC-C06D-4554-9AE3-358FBBFABB4E",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3500_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC3467C-3F00-4EE3-B40E-3AE7F93094DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3550_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD7FD7F-4A99-4618-B336-D9753A92035A",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3550_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57A78B63-6588-4C40-BEBB-88C8DF467A18",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3650_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EF5439A-4576-4A26-BE88-D8184B186846",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3650_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "145F0B3C-A945-443B-AB08-329F72358801",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E1F9C5E-92D3-4DA6-9FD1-7F7857769C34",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7ACFF6-3E64-45A7-B1EB-DD26711064ED",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70A2471-D476-4FB7-8D1F-FEE0E4BF460C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86256CCB-9074-47CF-8673-36EE78BD0BCA",
              "versionEndExcluding": "5.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A3A89F-CB39-4E76-BC64-3C4F4788FB8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs22_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7FF63AE-6D07-4706-B647-CB041284FE51",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEBC3C39-1088-4120-9476-263F952DEDE7",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC7357C-32AB-41CE-BE3C-6B1E38223F4A",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A304B98A-7301-491B-884A-7EAF1E58D74D",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5974137F-8076-4895-82CB-F49A0383DB16",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAEFEF7E-2412-4F85-B588-E350B57C9261",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x280_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4DC1FB-C916-409E-ABB5-12CA496F2525",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B526782-CD71-4ADF-9307-2FCDEF40BF21",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x480_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D898109-92E6-4D53-892E-0CF2F4B25B05",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x880_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5C2B387-A83B-43F9-853A-9BBD9B599DF6",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF4E346-2956-46EE-AF0E-562F408B5455",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79F602B-E90D-4E3A-B19C-78CCF1E25431",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:nextscale_nx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5E15F9-AB92-44F6-B6C7-903C1EE019AC",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73E106FB-A40B-431A-88BD-BDC344D97237",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "335A2396-B190-472B-8D14-028E24715B99",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB640902-1AA1-4C2D-9E71-6DEB0C5C7F41",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C26DCBC-6771-4128-85F2-E9C784A9E477",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D87C9465-CEC9-424C-B55D-B295BB92CEA4",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A8C3782-EC28-46FE-99C2-1CEFF06CD6FC",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97AB758-0B2E-404D-B86C-2091FA4F0020",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA158A3-4E4A-4184-A90C-78ED3B4191EC",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EA5AA86-D0EF-495E-AA54-6EF74057449A",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60278935-F342-4010-92AE-6630BADB9F86",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "291AD362-BB37-4B4E-9E57-99893327AB24",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0768D4A-6D7F-4DB6-AF22-F655FFC57ABC",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B414E1DD-1CE9-425D-BA12-C089A3B52EED",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "321CD3DF-BC7F-41D5-9EFA-F7F65D440484",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3D51F07-0074-410F-9E08-8EC442DB694D",
              "versionEndExcluding": "7.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In various firmware versions of Lenovo System x, the integrated management module II (IMM2)\u0027s first failure data capture (FFDC) includes the web server\u0027s private key in the generated log file for support."
    },
    {
      "lang": "es",
      "value": "En varias versiones de firmware de Lenovo System x, First Failure Data Capture (FFDC) del m\u00f3dulo de administraci\u00f3n integrada II (IMM2) incluye la clave privada del servidor web dentro del archivo de registro generado para soporte."
    }
  ],
  "id": "CVE-2019-6157",
  "lastModified": "2024-11-21T04:46:02.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "psirt@lenovo.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-22T16:29:02.037",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/solutions/LEN-25667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/solutions/LEN-25667"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-25 20:29
Modified
2024-11-21 02:02
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.
References
psirt@us.ibm.comhttps://support.lenovo.com/us/en/solutions/ht114525Third Party Advisory
psirt@us.ibm.comhttps://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/Vendor Advisory
psirt@us.ibm.comhttps://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/solutions/ht114525Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726Vendor Advisory
Impacted products
Vendor Product Version
ibm integrated_management_module_firmware 3.50
ibm integrated_management_module_firmware 3.55
ibm integrated_management_module_firmware 3.56
ibm integrated_management_module_firmware 3.65
ibm integrated_management_module_firmware 3.67
ibm flex_system_manager_7955 -
ibm flex_system_manager_8731 -
ibm flex_system_x220 -
ibm flex_system_x240 -
ibm flex_system_x440 -
ibm nextscale_nx360_m4 -
ibm system_x_idataplex_dx360_m4 -
ibm system_x3100_m4 -
ibm system_x3250_m4 -
ibm system_x3500_m4 -
ibm system_x3530_m4 -
ibm system_x3550_m4 -
ibm system_x3630_m4 -
ibm system_x3650_m4 -
ibm system_x3750_m4 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:3.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9E79924-953C-437C-9F1A-697347757BF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:3.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B167F20-8A18-4B1A-B3E9-C8AF30880621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:3.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DBF53CB-7AF1-4070-A4CB-CC8EA9C3E88F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:3.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6FEDBE1-2434-4686-A8F7-4439868D3C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:integrated_management_module_firmware:3.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DD337EA-1F68-4390-BD28-7CE85843EEA2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_manager_7955:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D9A841-A3CD-4A52-9DB3-4B7B1A843C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_manager_8731:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33BDEAFA-2E2B-45D2-87DD-1659B641FBD9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD06E939-3D9E-4254-B570-0C9D79E1A6EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD264A5B-D6E8-470D-BBF1-58F68841D62E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C4E6E1-DA9E-4FA8-9F29-CF1596DECC3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x_idataplex_dx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA5A6D3-F3CF-4514-822D-C6CBD33FAF29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149."
    },
    {
      "lang": "es",
      "value": "Integrated Management Module II (IMM2) en sistemas IBM Flex System, NeXtScale, System x3xxx y System x iDataPlex podr\u00eda permitir que usuarios autenticados remotos obtengan informaci\u00f3n sensible de la cuenta mediante vectores relacionados con los datos generados de Service Advisor (FFDC). IBM X-Force ID: 91149."
    }
  ],
  "id": "CVE-2014-0882",
  "lastModified": "2024-11-21T02:02:58.330",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-25T20:29:00.447",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/solutions/ht114525"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/solutions/ht114525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-07-26 19:29
Modified
2024-11-21 04:14
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI.
References
psirt@lenovo.comhttps://support.lenovo.com/us/en/solutions/LEN-20227Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/solutions/LEN-20227Vendor Advisory
Impacted products
Vendor Product Version
lenovo flex_system_x240_m4_firmware *
lenovo flex_system_x240_m4 -
lenovo flex_system_x240_m5_firmware *
lenovo flex_system_x240_m5 -
lenovo flex_system_x280_x6_firmware *
lenovo flex_system_x280_x6 -
lenovo flex_system_x440_m4_firmware *
lenovo flex_system_x440_m4 -
lenovo flex_system_x480_x6_firmware *
lenovo flex_system_x480_x6 -
lenovo flex_system_x880_firmware *
lenovo flex_system_x880 -
lenovo nextscale_nx360_m5_firmware *
lenovo nextscale_nx360_m5 -
lenovo system_x3250_m6_firmware *
lenovo system_x3250_m6 -
lenovo system_x3500_m5_firmware *
lenovo system_x3500_m5 -
lenovo system_x3550_m5_firmware *
lenovo system_x3550_m5 -
lenovo system_x3650_m5_firmware *
lenovo system_x3650_m5 -
lenovo system_x3750_m4_firmware *
lenovo system_x3750_m4 -
lenovo system_x3850_x6_firmware *
lenovo system_x3850_x6 -
lenovo system_x3950_x6_firmware *
lenovo system_x3950_x6 -
ibm bladecenter_hs22_firmware *
ibm bladecenter_hs22 -
ibm bladecenter_hs23_firmware *
ibm bladecenter_hs23 -
ibm bladecenter_hs23e_firmware *
ibm bladecenter_hs23e -
ibm flex_system_x220_m4_firmware *
ibm flex_system_x220_m4 -
ibm flex_system_x222_m4_firmware *
ibm flex_system_x222_m4 -
ibm flex_system_x240_m4_firmware *
ibm flex_system_x240_m4 -
ibm flex_system_x280_m4_firmware *
ibm flex_system_x280_m4 -
ibm flex_system_x440_m4_firmware *
ibm flex_system_x440_m4 -
ibm flex_system_x480_m4_firmware *
ibm flex_system_x480_m4 -
ibm flex_system_x880_m4_firmware *
ibm flex_system_x880_m4 -
ibm idataplex_dx360_m4_firmware *
ibm idataplex_dx360_m4 -
ibm idataplex_dx360_m4_water_cooled_firmware *
ibm idataplex_dx360_m4_water_cooled -
ibm nextscale_nx360_m4_firmware *
ibm nextscale_nx360_m4 -
ibm system_x3100_m4_firmware *
ibm system_x3100_m4 -
ibm system_x3100_m5_firmware *
ibm system_x3100_m5 -
ibm system_x3250_m4_firmware *
ibm system_x3250_m4 -
ibm system_x3250_m5_firmware *
ibm system_x3250_m5 -
ibm system_x3300_m4_firmware *
ibm system_x3300_m4 -
ibm system_x3500_m4_firmware *
ibm system_x3500_m4 -
ibm system_x3530_m4_firmware *
ibm system_x3530_m4 -
ibm system_x3550_m4_firmware *
ibm system_x3550_m4 -
ibm system_x3630_m4_firmware *
ibm system_x3630_m4 -
ibm system_x3650_m4_firmware *
ibm system_x3650_m4 -
ibm system_x3650_m4_bd_firmware *
ibm system_x3650_m4_bd -
ibm system_x3650_m4_hd_firmware *
ibm system_x3650_m4_hd -
ibm system_x3750_m4_firmware *
ibm system_x3750_m4 -
ibm system_x3850_x6_firmware *
ibm system_x3850_x6 -
ibm system_x3950_x6_firmware *
ibm system_x3950_x6 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AA4469-91DE-4F7B-A2CF-568C05F5E4AE",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B2E41-3FC3-4E39-802F-546EC7AA12E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x240_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "127A4CC7-08CE-46DF-8C98-7BE845DF2493",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D2CE7A5-1CEE-40C4-BE0E-573C28663A11",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01F45A40-2C91-4362-866F-C751E4E8507E",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x280_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1563A13F-2E56-4E83-9C16-68B2C81843DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE68A72-826C-4DB6-8ADF-04303B6D9F68",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC55C49B-2A5C-452C-8345-1C19A48FBB6E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6F9B301-C6C4-4AE2-AEF7-035AD4A3D3A8",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x480_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86B6B27-0E42-47C1-B2D9-A6C5B1364D9A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:flex_system_x880_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "003631A2-F0BD-4F2D-853B-92AA80535811",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:flex_system_x880:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68ED17ED-BE60-4EE3-9599-C88C3C7A626C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:nextscale_nx360_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17771FAE-38EA-41A5-9C93-286642E08692",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "723D2A74-F6F3-4C73-AFD9-CDAE930D0FB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3250_m6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3D890D-79FE-43CA-881B-8B9FAB745B47",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3250_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89A2206-7012-4938-9BE2-ACF014E3F3B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3500_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2393A517-E1FA-42AD-A40A-E1C00E135962",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3500_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC3467C-3F00-4EE3-B40E-3AE7F93094DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3550_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41F41191-D8A4-45A9-90B4-46A974DBEFB7",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3550_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57A78B63-6588-4C40-BEBB-88C8DF467A18",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3650_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75B122F-C126-4726-9599-96F8ACDAEAAE",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3650_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "145F0B3C-A945-443B-AB08-329F72358801",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF06210-2034-422B-884F-FAFFF9F5E7F5",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADBFA57E-F2A7-4960-B388-A21F1C277A2B",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70A2471-D476-4FB7-8D1F-FEE0E4BF460C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "644708FB-7C30-4DB2-862A-E7AD8B9AC0A8",
              "versionEndExcluding": "4.90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A3A89F-CB39-4E76-BC64-3C4F4788FB8C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs22_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49BE897-592D-491E-AB25-C641BE74A0C6",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF33F7C1-7390-47CF-B1C4-30636F2FFC96",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "485A886E-EE8B-47F7-AC39-A311544739C4",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96B8AE78-70F8-4961-B173-3BBE73EB80DD",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADDC859F-23B8-4EE6-B331-107B22E18417",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001DD7C-3FA3-4FF1-88B2-FB2CDC97D6ED",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x280_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BEDB5B-E5DE-42ED-84CD-B822EDBBD92D",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACDA1F4-DC48-44D2-832F-F8864049F46F",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x480_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C44899F-0F88-4881-BC82-69532673D85A",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_x880_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65601BD9-1BAF-4E61-B7D4-ADCB8A61E073",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5491D7-AE3A-4060-AB2E-6CEDE3A466F1",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A529319C-0EF1-4D12-B032-74B985FF16C0",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:nextscale_nx360_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D2A225-5C7D-4277-9DBB-1E186000E6D1",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C76751-393A-46DE-A8EC-8129BA9582F6",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D1B7F0-9908-47C3-8DB4-EC9657D0CCB0",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D374BCB-AAD4-4E87-A0ED-6FAEC3A671EB",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A6F7B6-F230-450C-B2A1-0C9AABB7C834",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74886C09-D9AC-4F5B-B5D5-CCCD477E43B8",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF3E405-B028-4EB7-AE49-797A55B201E0",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "671D194C-063A-4558-BC22-6BA0CFF5D0F1",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "687DAA9F-F10F-41AF-969D-7C4C773BD392",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "773D2239-ED51-4927-BE55-D25A95BD42D1",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D1D239-A124-4C7B-BDDC-E1F1130E07D7",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D95BBF-BC36-4F7A-83A1-C1C3A151AF6E",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADCA4009-4DA3-4DE5-B7E3-DAA17837D304",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3F08B2B-A9E9-4FAA-9C51-2E3F84B24A59",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6141A253-B5CD-4A3C-9393-3CC2E0A41006",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C11DAA-A933-444F-AFC0-9AD8ABB2D79F",
              "versionEndExcluding": "6.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n IMM2 First Failure Data Capture recopila informaci\u00f3n  de diagn\u00f3stico y registros de los m\u00f3dulos de gesti\u00f3n cuando se detecta un error de hardware. Esta informaci\u00f3n est\u00e1 disponible para su descarga mediante un servidor SFTP alojado en la interfaz de gesti\u00f3n de red de IMM2. En versiones anteriores a la 4.90 para Lenovo System y anteriores a la 6.80 para IBM System x, las credenciales para acceder al servidor SFTP est\u00e1n embebidas y se describen en la documentaci\u00f3n de IMM2. Esto permite que un atacante con acceso de gesti\u00f3n a la red obtenga los datos FFDC recopilados. Tras aplicar la actualizaci\u00f3n, IMM2 crear\u00e1 credenciales SFTP aleatorias para emplearlas con OneCLI."
    }
  ],
  "id": "CVE-2018-9068",
  "lastModified": "2024-11-21T04:14:54.413",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-26T19:29:00.487",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/solutions/LEN-20227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/solutions/LEN-20227"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2014-0882
Vulnerability from cvelistv5
Published
2018-04-25 20:00
Modified
2024-08-06 09:27
Severity ?
Summary
Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.
References
https://support.lenovo.com/us/en/solutions/ht114525x_refsource_CONFIRM
https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/x_refsource_CONFIRM
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:20.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/ht114525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-25T19:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/ht114525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-0882",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/solutions/ht114525",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/ht114525"
            },
            {
              "name": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/"
            },
            {
              "name": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726",
              "refsource": "CONFIRM",
              "url": "https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-0882",
    "datePublished": "2018-04-25T20:00:00",
    "dateReserved": "2014-01-06T00:00:00",
    "dateUpdated": "2024-08-06T09:27:20.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4037
Vulnerability from cvelistv5
Published
2013-08-09 23:00
Modified
2024-08-06 16:30
Severity ?
Summary
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/86173vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.830Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
          },
          {
            "name": "imm-cve20134037-ipmi-weak(86173)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86173"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
        },
        {
          "name": "imm-cve20134037-ipmi-weak(86173)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86173"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4037",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
            },
            {
              "name": "imm-cve20134037-ipmi-weak(86173)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86173"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4037",
    "datePublished": "2013-08-09T23:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.830Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4038
Vulnerability from cvelistv5
Published
2013-08-09 23:00
Modified
2024-08-06 16:30
Severity ?
Summary
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/86174vdb-entry, x_refsource_XF
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "imm-cve20134038-ipmi-cleartext(86174)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86174"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "imm-cve20134038-ipmi-cleartext(86174)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86174"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4038",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "imm-cve20134038-ipmi-cleartext(86174)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86174"
            },
            {
              "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4038",
    "datePublished": "2013-08-09T23:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-3768
Vulnerability from cvelistv5
Published
2018-01-26 19:00
Modified
2024-09-16 22:02
Severity ?
Summary
An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease.
References
https://support.lenovo.com/us/en/product_security/LEN-14450x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Integrated Management Module 2 (IMM2)",
          "vendor": "Lenovo Group Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Earlier than 4.4 for Lenovo System x"
            },
            {
              "status": "affected",
              "version": "Earlier than 6.4 for IBM System x"
            }
          ]
        }
      ],
      "datePublic": "2018-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-26T18:57:02",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2018-01-25T00:00:00",
          "ID": "CVE-2017-3768",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Integrated Management Module 2 (IMM2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Earlier than 4.4 for Lenovo System x"
                          },
                          {
                            "version_value": "Earlier than 6.4 for IBM System x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo Group Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-14450",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2017-3768",
    "datePublished": "2018-01-26T19:00:00Z",
    "dateReserved": "2016-12-16T00:00:00",
    "dateUpdated": "2024-09-16T22:02:02.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-3744
Vulnerability from cvelistv5
Published
2017-06-20 00:00
Modified
2024-08-05 14:39
Severity ?
Summary
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
References
https://support.lenovo.com/product_security/LEN-14054x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.051Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/product_security/LEN-14054"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Lenovo System x IMM2",
          "vendor": "Lenovo Group Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Lenovo System x IMM2 firmware versions earlier than 4.10 and IBM System x IMM2 firmware versions earlier than 6.20"
            }
          ]
        }
      ],
      "datePublic": "2017-06-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Disclosure of login credentials to user with local privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-19T23:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/product_security/LEN-14054"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "ID": "CVE-2017-3744",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Lenovo System x IMM2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Lenovo System x IMM2 firmware versions earlier than 4.10 and IBM System x IMM2 firmware versions earlier than 6.20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo Group Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Disclosure of login credentials to user with local privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/product_security/LEN-14054",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/product_security/LEN-14054"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2017-3744",
    "datePublished": "2017-06-20T00:00:00",
    "dateReserved": "2016-12-16T00:00:00",
    "dateUpdated": "2024-08-05T14:39:41.051Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-9085
Vulnerability from cvelistv5
Published
2018-11-16 14:00
Modified
2024-08-05 07:17
Severity ?
Summary
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
References
https://support.lenovo.com/us/en/solutions/LEN-24477x_refsource_CONFIRM
Impacted products
Vendor Product Version
IBM System x UEFI Version: unspecified   < varies
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:17:50.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "System x UEFI",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "varies",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "System x UEFI",
          "vendor": "IBM",
          "versions": [
            {
              "lessThan": "varies",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-11-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-16T13:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update UEFI firmware"
        }
      ],
      "source": {
        "advisory": "LEN-24477",
        "discovery": "INTERNAL"
      },
      "title": "Missing System x Flash Memory Write Protection Lock Bit",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "ID": "CVE-2018-9085",
          "STATE": "PUBLIC",
          "TITLE": "Missing System x Flash Memory Write Protection Lock Bit"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "System x UEFI",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "varies"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "System x UEFI",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "varies"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-24477",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-24477"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update UEFI firmware"
          }
        ],
        "source": {
          "advisory": "LEN-24477",
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2018-9085",
    "datePublished": "2018-11-16T14:00:00",
    "dateReserved": "2018-03-27T00:00:00",
    "dateUpdated": "2024-08-05T07:17:50.596Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6157
Vulnerability from cvelistv5
Published
2019-04-22 15:21
Modified
2024-09-17 00:06
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.
References
https://support.lenovo.com/solutions/LEN-25667x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:16:24.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/solutions/LEN-25667"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "System x",
          "vendor": "Lenovo",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        }
      ],
      "datePublic": "2019-04-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In various firmware versions of Lenovo System x, the integrated management module II (IMM2)\u0027s first failure data capture (FFDC) includes the web server\u0027s private key in the generated log file for support."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-22T15:21:29",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.lenovo.com/solutions/LEN-25667"
        }
      ],
      "source": {
        "advisory": "LEN-25667",
        "discovery": "UNKNOWN"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2019-04-18T16:00:00.000Z",
          "ID": "CVE-2019-6157",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "System x",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "various"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In various firmware versions of Lenovo System x, the integrated management module II (IMM2)\u0027s first failure data capture (FFDC) includes the web server\u0027s private key in the generated log file for support."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/solutions/LEN-25667",
              "refsource": "MISC",
              "url": "https://support.lenovo.com/solutions/LEN-25667"
            }
          ]
        },
        "source": {
          "advisory": "LEN-25667",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2019-6157",
    "datePublished": "2019-04-22T15:21:29.692559Z",
    "dateReserved": "2019-01-11T00:00:00",
    "dateUpdated": "2024-09-17T00:06:19.158Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-9068
Vulnerability from cvelistv5
Published
2018-07-26 19:00
Modified
2024-09-17 03:38
Severity ?
Summary
The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI.
References
https://support.lenovo.com/us/en/solutions/LEN-20227x_refsource_CONFIRM
Impacted products
Vendor Product Version
IBM Corporation System x IMM2 Version: firmware versions earlier than 6.80
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:17:50.331Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-20227"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "System x IMM2",
          "vendor": "Lenovo Group Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions earlier than 4.90"
            }
          ]
        },
        {
          "product": "System x IMM2",
          "vendor": "IBM Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions earlier than 6.80"
            }
          ]
        }
      ],
      "datePublic": "2018-07-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-26T18:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-20227"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2018-07-26T00:00:00",
          "ID": "CVE-2018-9068",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "System x IMM2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "firmware versions earlier than 4.90"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo Group Ltd."
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "System x IMM2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "firmware versions earlier than 6.80"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-20227",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-20227"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2018-9068",
    "datePublished": "2018-07-26T19:00:00Z",
    "dateReserved": "2018-03-27T00:00:00",
    "dateUpdated": "2024-09-17T03:38:52.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4031
Vulnerability from cvelistv5
Published
2013-08-09 23:00
Modified
2024-08-06 16:30
Severity ?
Summary
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/86172vdb-entry, x_refsource_XF
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "imm-cve20134031-ipmi-default(86172)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86172"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "imm-cve20134031-ipmi-default(86172)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86172"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4031",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "imm-cve20134031-ipmi-default(86172)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86172"
            },
            {
              "name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4031",
    "datePublished": "2013-08-09T23:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4030
Vulnerability from cvelistv5
Published
2014-01-21 01:00
Modified
2024-08-06 16:30
Severity ?
Summary
Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/86068vdb-entry, x_refsource_XF
http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.872Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "x-mgmt-cve20134030-encryption(86068)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86068"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "x-mgmt-cve20134030-encryption(86068)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86068"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4030",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "x-mgmt-cve20134030-encryption(86068)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86068"
            },
            {
              "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weak_ssl_tls_encryption_in_ibm_system_x_and_flex_systems_cve_2013_40301"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4030",
    "datePublished": "2014-01-21T01:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.872Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-3774
Vulnerability from cvelistv5
Published
2018-04-19 14:00
Modified
2024-09-16 16:48
Severity ?
Summary
A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption.
References
https://support.lenovo.com/us/en/product_security/LEN-19586x_refsource_CONFIRM
Impacted products
Vendor Product Version
IBM IMM2 Version: Earlier than 6.60
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:40.967Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-19586"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IMM2",
          "vendor": "Lenovo Group Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Earlier than 4.40"
            }
          ]
        },
        {
          "product": "IMM2",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "Earlier than 6.60"
            }
          ]
        }
      ],
      "datePublic": "2018-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Stack overflow leading to memory corruption",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-19T13:57:01",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-19586"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2018-04-12T00:00:00",
          "ID": "CVE-2017-3774",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IMM2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Earlier than 4.40"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo Group Ltd."
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IMM2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Earlier than 6.60"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Stack overflow leading to memory corruption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-19586",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-19586"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2017-3774",
    "datePublished": "2018-04-19T14:00:00Z",
    "dateReserved": "2016-12-16T00:00:00",
    "dateUpdated": "2024-09-16T16:48:19.094Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}