All the vulnerabilites related to lenova - system_x3850_x6_firmware
cve-2017-3768
Vulnerability from cvelistv5
Published
2018-01-26 19:00
Modified
2024-09-16 22:02
Severity ?
EPSS score ?
Summary
An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-14450 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Lenovo Group Ltd. | Integrated Management Module 2 (IMM2) |
Version: Earlier than 4.4 for Lenovo System x Version: Earlier than 6.4 for IBM System x |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Integrated Management Module 2 (IMM2)",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than 4.4 for Lenovo System x"
},
{
"status": "affected",
"version": "Earlier than 6.4 for IBM System x"
}
]
}
],
"datePublic": "2018-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-26T18:57:02",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2018-01-25T00:00:00",
"ID": "CVE-2017-3768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Integrated Management Module 2 (IMM2)",
"version": {
"version_data": [
{
"version_value": "Earlier than 4.4 for Lenovo System x"
},
{
"version_value": "Earlier than 6.4 for IBM System x"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-14450",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2017-3768",
"datePublished": "2018-01-26T19:00:00Z",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-09-16T22:02:02.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-01-26 19:29
Modified
2024-11-21 03:26
Severity ?
Summary
An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:flex_system_x240_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8ED668-C53C-47A2-A84F-CADC8DB4F3BD",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:flex_system_x240_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C35790-5983-4275-9E27-D369398682B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:flex_system_x280_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46E6DAE3-7580-47F1-9AFB-181BA9D217D5",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:flex_system_x280_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCCE0FCA-11A5-4AC5-8124-A521723F4EB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A99076DC-8C22-4A11-84E4-91761E4F672D",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D1BEA1-F4A1-4EF3-A471-35A3D0CDF6E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:flex_system_x480_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A56F99-CA97-4A47-9EA8-967D7F13BC9A",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:flex_system_x480_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A129C381-6732-4498-979E-9E8E70C1D9EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:flex_system_x880_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9DD33-3559-4590-9D86-998EF3526F34",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:flex_system_x880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6801CA58-67D9-4E3D-882A-A8327B1194CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:nextscale_nx360_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBD85DC-9E99-45B2-8D9D-DBCE50A02A81",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:nextscale_nx360_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9058D6-2BA3-4F58-A55F-9E23F6F175BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3250_m6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AABC1F2-D93F-42DF-98D2-D3B6A956E834",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3250_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6EFF65-BC96-4D1C-BA54-DAA0DFBCFE4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3500_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3C0596-EA61-4F48-A820-798CA0EDEE1D",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3500_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B7FF85-F374-48E3-9312-1AB4F4B37E8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3550_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "572732D1-CC28-4F79-8EA0-A536549C8D48",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3550_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8235F1EA-EC94-4BB3-B8CB-B6D251A3EFAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3650_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D87909-6C74-46BC-9CB8-5965FCC51BB9",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3650_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC6A511-BEF5-4100-A517-3EF5FC67F5F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21D6FFB4-0894-4BD8-8F8F-9E4EE2E69DEA",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3750_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7091088-0E95-484D-8185-61BA8E2FE0E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E94D0BE3-DAC8-49E2-8D2C-CC521DD88E3A",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3850_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3F5C19-BA44-41FD-811E-F9B2CB95E012",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC24C86-0B33-4927-A320-CCF16EB2F89D",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:system_x3950_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB9721F-324B-4C61-8A26-8BBA4E348AEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenova:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9661B216-A753-4607-A922-D7150CD9B569",
"versionEndExcluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenova:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F54F2D5-A9FA-4270-8B3F-F7EFA5B074CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:bladecenter_hs22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "755A6821-94AC-4FB5-8431-2A311EB5122B",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9180CC-F795-4B8D-B9BF-37488D352AC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D83555-3984-4403-8148-01BA2E778FC7",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C010052B-1EBD-4129-9DCE-077575B8286A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "319A03D6-4081-4457-A2AA-E36000A8D02B",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter_hs23e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F02BE9-BA77-4DC2-AB7A-BF53FE3B7CA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x220_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD0803B-B459-496D-A538-76BA7E93AF2F",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x220_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A0AABD-73B4-4311-9185-643DE173092E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x222_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C1ED1F-2920-4514-8BE7-571A5C0DC0C5",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x222_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04CC2E42-2E9F-4C41-9A36-4A21C32F4CB9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x240_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0221C6DB-5ACF-4EC4-BA98-192322706C4F",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x240_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594B1D02-B6ED-4F9F-BAEC-313FFD1C17C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x280_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2C015F-81E9-4F65-A71F-0F78F36FCC84",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x280_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C175A-0B5F-453D-A661-0AD955DB22C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x440_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B522C0-3721-4D1F-B623-57ABA4C39FF8",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x440_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5934364-CF52-411C-B13F-A8688A7BC0FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x480_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249E0CF6-0D1F-4684-B4B7-68EEDC299627",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x480_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A17A8F8-F833-4F5E-A0ED-CF01B1ABAA9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:flex_system_x880_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAB2B36-1ACB-403E-BFC2-54E042A36C85",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:flex_system_x880_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC450128-EDFE-4BD3-A87F-946EED1E0E39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "942B1B2C-031A-48AF-967C-E8947B1E8861",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29845B4B-04B8-4685-948F-4DD19C88D7AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C180AD0-7956-46E6-95E8-F2B86F98A779",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7EABA0-ADB1-4A9B-AB96-FF6BB5720C50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:nextscale_nx360_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42C3D741-1A79-4859-BA0C-463651D9ED99",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9642CB05-D7EE-4AFA-A28F-A6E7961A57EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3100_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAB16EB-64D8-40DB-959C-1DE870D6E696",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66DB82A-0FF6-452B-8B11-239BF391AD12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3100_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B0FB314-D7CC-4C1A-8767-505D697C05DB",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3100_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A58320C-8C0B-4819-838A-AE31F9BFC70E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3250_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F78CFCD7-22E9-4B73-A3DC-91354D6EA905",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3672040-7C51-4C83-A62C-096B2B0E5289",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3250_m5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25DCFC11-3642-4B09-A806-F780E6A40554",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3250_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E3BC19-4A70-4225-91E4-1DAE6C1986E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C13045D-DB2C-4767-951A-B5650FFEF5DC",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3300_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD693FE0-9B91-4F52-AE89-C82ED55DE43C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C93F6F32-8A99-4835-B466-5EB031533A11",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F943B01A-635B-4F62-96DE-715FFA007AA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "907258CB-A7EF-4B8B-A4A6-0A9FB7103C2E",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAFFBE1-E343-4DCB-A44D-2E29C547CC28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "952E9BBC-0297-4C9C-972A-08205E5C20E4",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F407F5-EF7C-4F65-8978-3FB80CB07C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C88F20E9-A0A3-466C-A43F-00D825A718EB",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3B656E6-B70F-49AB-B17C-F89849CA516E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF4C26-0A2F-4A52-8E49-8F68461116DD",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "521ED7F3-84FD-4D6C-9EEE-83A52734602A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1901D6F-8051-4B0F-865B-B17BCDC68BC2",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "967EE555-D0BF-4505-BB9D-0A7A92E94889",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54091626-95DE-43E6-B599-F1E935F8E5A6",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "268FEAB9-EEB1-4B00-A086-1185B0A35959",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3850_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7AC260-B3A5-405E-8999-539F90C5E700",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3850_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8ED74FB-C819-4BD9-9986-2588FCC2D308",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3950_x6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DA7B09-181D-499B-8B44-A8E903E155D1",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3950_x6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DDB4836-D812-4818-AC08-38EABD56F3EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB24652-3972-4CD0-9C02-F8C1AE79447E",
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44DF5766-53F1-4AE8-AB8F-97C0F36215B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). Flooding the IMM2 with a high volume of authentication failures via the Common Information Model (CIM) used by LXCA and OneCLI and other tools can exhaust available system memory which can cause the IMM2 to reboot itself until the requests cease."
},
{
"lang": "es",
"value": "Un atacante sin privilegios con conectividad al IMM2 podr\u00eda provocar un ataque de denegaci\u00f3n de servicio (DoS) en el IMM2 (versiones anteriores a la 4.4 para Lenovo System x y anteriores a la 6.4 para IBM System x). Inundar el IMM2 con un gran volumen de fallos de autenticaci\u00f3n mediante el Common Information Model (CIM) empleado por LXCA, OneCLI y otras herramientas puede agotar la memoria del sistema disponible. Esto puede provocar que el IMM2 se reinicie hasta que cesen las peticiones."
}
],
"id": "CVE-2017-3768",
"lastModified": "2024-11-21T03:26:06.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T19:29:00.383",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-14450"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}