cvelistv5 - cve-2012-2187

CVE-2012-2187 (GCVE-0-2012-2187)

Vulnerability from cvelistv5 – Published: 2012-09-25 20:00 – Updated: 2024-08-06 19:26

Summary

Severity ?

No CVSS data available.

CWE

Assigner

ibm

References

URL

Tags

	http://www.securityfocus.com/bid/55609	vdb-entryx_refsource_BID
	https://www-947.ibm.com/support/entry/myportal/do…	x_refsource_MISC
	http://www.ibm.com/connections/blogs/PSIRT/entry/…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:09.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55609",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55609"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-02-12T10:00:00",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "55609",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55609"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-2187",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55609",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55609"
            },
            {
              "name": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525",
              "refsource": "MISC",
              "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
            },
            {
              "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-2187",
    "datePublished": "2012-09-25T20:00:00",
    "dateReserved": "2012-04-04T00:00:00",
    "dateUpdated": "2024-08-06T19:26:09.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.13\", \"matchCriteriaId\": \"2E736748-3B17-4448-A0A3-9FA7958B76DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1FD0CE1-7E7E-48D7-A58B-99FDA5F1E534\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"550B79DE-8189-4CC4-9DC7-0C8718BDE339\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E746090-0764-4A98-AC4C-D2F9BDF80602\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"374C7AC6-1825-4814-8DFA-405254E405EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC9EC609-A69C-4793-9769-84DF9AFE2E27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDD3419A-C62B-4BEF-BCD1-7AFE100BCA14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0826810A-8D83-4922-AE47-A2D00ADDA952\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3851293-B6E6-4A7A-8EA3-442A2E77B772\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E24E2370-30AE-4FB5-962A-A59773DAB672\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F6E0B99-EA63-4E09-8F35-61FD435835AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E98F8EA7-DC0A-49DE-8F38-8242191A71F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDBBC639-9A61-4301-8D4A-FA742EABCF41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70DC13FE-C1D4-4F60-8A69-9C0EA993A994\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:x3650:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0C88593-6B6A-4772-AF94-63A78FC93121\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:x3850:m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB8280F0-09FB-4BC6-B384-CF7CAC9DF3EA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ibm:x3950:m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68E36E55-9F24-4E8B-927D-AFBA5514389A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"El firmware del IBM Remote Supervisor Adapter II para Sistemas x3650, x3850 M2 y x3950 M2 v1.13 y anteriores generan claves RSA d\\u00e9biles, lo que hace que sea m\\u00e1s f\\u00e1cil saltarse los mecanismos criptogr\\u00e1ficos de protecci\\u00f3n para atacantes remotos a trav\\u00e9s de vectores no especificados.\\r\\n\"}]",
      "id": "CVE-2012-2187",
      "lastModified": "2024-11-21T01:38:40.363",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2012-09-25T20:55:00.877",
      "references": "[{\"url\": \"http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25\", \"source\": \"psirt@us.ibm.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/55609\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/55609\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "psirt@us.ibm.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-310\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-2187\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2012-09-25T20:55:00.877\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"El firmware del IBM Remote Supervisor Adapter II para Sistemas x3650, x3850 M2 y x3950 M2 v1.13 y anteriores generan claves RSA d\u00e9biles, lo que hace que sea m\u00e1s f\u00e1cil saltarse los mecanismos criptogr\u00e1ficos de protecci\u00f3n para atacantes remotos a trav\u00e9s de vectores no especificados.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.13\",\"matchCriteriaId\":\"2E736748-3B17-4448-A0A3-9FA7958B76DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1FD0CE1-7E7E-48D7-A58B-99FDA5F1E534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550B79DE-8189-4CC4-9DC7-0C8718BDE339\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E746090-0764-4A98-AC4C-D2F9BDF80602\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"374C7AC6-1825-4814-8DFA-405254E405EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC9EC609-A69C-4793-9769-84DF9AFE2E27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD3419A-C62B-4BEF-BCD1-7AFE100BCA14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0826810A-8D83-4922-AE47-A2D00ADDA952\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3851293-B6E6-4A7A-8EA3-442A2E77B772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E24E2370-30AE-4FB5-962A-A59773DAB672\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F6E0B99-EA63-4E09-8F35-61FD435835AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E98F8EA7-DC0A-49DE-8F38-8242191A71F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDBBC639-9A61-4301-8D4A-FA742EABCF41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70DC13FE-C1D4-4F60-8A69-9C0EA993A994\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:x3650:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0C88593-6B6A-4772-AF94-63A78FC93121\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:x3850:m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB8280F0-09FB-4BC6-B384-CF7CAC9DF3EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:x3950:m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68E36E55-9F24-4E8B-927D-AFBA5514389A\"}]}]}],\"references\":[{\"url\":\"http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/55609\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/55609\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-201209-0571

Vulnerability from variot - Updated: 2023-12-18 13:04

IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. IBM Remote Supervisor Adapter II is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Attackers can exploit this vulnerability to break through the encryption protection mechanism through unknown vectors

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0571",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "remote supervisor adapter ii",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "ibm",
        "version": "1.13"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.12"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.11"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.1"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.8"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.9"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.7"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.6"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.10"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ibm",
        "version": "1.0"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "1.5"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "1.3"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "1.4"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "1.2"
      },
      {
        "model": "system x3650",
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "system x3850",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "m2"
      },
      {
        "model": "system x3950",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "m2"
      },
      {
        "model": "remote supervisor adapter ii",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ibm",
        "version": "1.13"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.13",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:x3950:m2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:x3650:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:x3850:m2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "University of Michigan and UC San Diego",
    "sources": [
      {
        "db": "BID",
        "id": "55609"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2012-2187",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2012-2187",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-55468",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-2187",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-539",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55468",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. IBM Remote Supervisor Adapter II is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Attackers can exploit this vulnerability to break through the encryption protection mechanism through unknown vectors",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "BID",
        "id": "55609"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2187",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "55609",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-55468",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "db": "BID",
        "id": "55609"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "id": "VAR-201209-0571",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:04:17.978000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Weak Key Vulnerability in Remote Supervisor Adapter II firmware (CVE-2012-2187)",
        "trust": 0.8,
        "url": "http://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
      },
      {
        "title": "ibm_fw_rsa2_a3ep47a_linux_i386",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=44994"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-310",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
      },
      {
        "trust": 1.7,
        "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=migr-5091525"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/55609"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2187"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2187"
      },
      {
        "trust": 0.3,
        "url": "http://www.ibm.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "db": "BID",
        "id": "55609"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "db": "BID",
        "id": "55609"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "date": "2012-09-17T00:00:00",
        "db": "BID",
        "id": "55609"
      },
      {
        "date": "2012-09-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "date": "2012-09-25T20:55:00.877000",
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "date": "2012-09-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-02-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55468"
      },
      {
        "date": "2012-10-19T15:30:00",
        "db": "BID",
        "id": "55609"
      },
      {
        "date": "2012-09-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      },
      {
        "date": "2013-02-12T05:08:29.460000",
        "db": "NVD",
        "id": "CVE-2012-2187"
      },
      {
        "date": "2012-09-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  IBM For product  IBM Remote Supervisor Adapter  II Vulnerability that breaks cryptographic protection mechanisms in firmware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004588"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-539"
      }
    ],
    "trust": 0.6
  }
}

GHSA-HFRM-XRCQ-WMJV

Vulnerability from github – Published: 2022-05-17 05:15 – Updated: 2022-05-17 05:15

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-2187"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-09-25T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.",
  "id": "GHSA-hfrm-xrcq-wmjv",
  "modified": "2022-05-17T05:15:13Z",
  "published": "2022-05-17T05:15:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2187"
    },
    {
      "type": "WEB",
      "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/55609"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2012-2187

Vulnerability from fkie_nvd - Published: 2012-09-25 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55609
psirt@us.ibm.com	https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55609
af854a3a-2127-422b-91ae-364da2661108	https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525

Impacted products

Vendor	Product	Version
ibm	remote_supervisor_adapter_ii_firmware	*
ibm	remote_supervisor_adapter_ii_firmware	1.0
ibm	remote_supervisor_adapter_ii_firmware	1.1
ibm	remote_supervisor_adapter_ii_firmware	1.2
ibm	remote_supervisor_adapter_ii_firmware	1.3
ibm	remote_supervisor_adapter_ii_firmware	1.4
ibm	remote_supervisor_adapter_ii_firmware	1.5
ibm	remote_supervisor_adapter_ii_firmware	1.6
ibm	remote_supervisor_adapter_ii_firmware	1.7
ibm	remote_supervisor_adapter_ii_firmware	1.8
ibm	remote_supervisor_adapter_ii_firmware	1.9
ibm	remote_supervisor_adapter_ii_firmware	1.10
ibm	remote_supervisor_adapter_ii_firmware	1.11
ibm	remote_supervisor_adapter_ii_firmware	1.12
ibm	x3650	*
ibm	x3850	m2
ibm	x3950	m2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E736748-3B17-4448-A0A3-9FA7958B76DF",
              "versionEndIncluding": "1.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FD0CE1-7E7E-48D7-A58B-99FDA5F1E534",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "550B79DE-8189-4CC4-9DC7-0C8718BDE339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E746090-0764-4A98-AC4C-D2F9BDF80602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "374C7AC6-1825-4814-8DFA-405254E405EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9EC609-A69C-4793-9769-84DF9AFE2E27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD3419A-C62B-4BEF-BCD1-7AFE100BCA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0826810A-8D83-4922-AE47-A2D00ADDA952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3851293-B6E6-4A7A-8EA3-442A2E77B772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24E2370-30AE-4FB5-962A-A59773DAB672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F6E0B99-EA63-4E09-8F35-61FD435835AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E98F8EA7-DC0A-49DE-8F38-8242191A71F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBBC639-9A61-4301-8D4A-FA742EABCF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "70DC13FE-C1D4-4F60-8A69-9C0EA993A994",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:x3650:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C88593-6B6A-4772-AF94-63A78FC93121",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:x3850:m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB8280F0-09FB-4BC6-B384-CF7CAC9DF3EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:ibm:x3950:m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E36E55-9F24-4E8B-927D-AFBA5514389A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "El firmware del IBM Remote Supervisor Adapter II para Sistemas x3650, x3850 M2 y x3950 M2 v1.13 y anteriores generan claves RSA d\u00e9biles, lo que hace que sea m\u00e1s f\u00e1cil saltarse los mecanismos criptogr\u00e1ficos de protecci\u00f3n para atacantes remotos a trav\u00e9s de vectores no especificados.\r\n"
    }
  ],
  "id": "CVE-2012-2187",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-09-25T20:55:00.877",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/55609"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/55609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2012-AVI-594

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans IBM XIV Storage System. La plus critique concerne une clef faible pour un certificat OpenSSL. La clef a été générée sur un système Debian qui était exposé à un problème d'entropie lors de sa génération.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM XIV Storage System versions antérieures à 10.2.4.c
IBM	N/A	IBM XIV Storage System versions antérieures à 11.0.1.a
IBM	N/A	IBM XIV Storage System versions antérieures à 11.1.1
IBM	N/A	IBM XIV Storage System versions antérieures à 10.2.4.e

References

Title

Publication Time

Tags

Bulletin de sécurité IBM ssg1S1004218 du 18 octobre 2012	None	vendor-advisory
Bulletin de sécurité IBM ssg1S1004219 du 18 octobre 2012	None	vendor-advisory
Bulletin de sécurité IBM ssg1S1004217 du 18 octobre 2012	None	vendor-advisory
Bulletin de sécurité IBM ssg1S1004216 du 18 octobre 2012	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 10.2.4.c",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 11.0.1.a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 11.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 10.2.4.e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2167"
    },
    {
      "name": "CVE-2012-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2187"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2008-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0166"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-594",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM XIV Storage System\u003c/span\u003e. La plus critique concerne\nune clef faible pour un certificat OpenSSL. La clef a \u00e9t\u00e9 g\u00e9n\u00e9r\u00e9e sur un\nsyst\u00e8me \u003cspan class=\"textit\"\u003eDebian\u003c/span\u003e qui \u00e9tait expos\u00e9 \u00e0 un\nprobl\u00e8me d\u0027entropie lors de sa g\u00e9n\u00e9ration.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM XIV Storage System",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004218 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004219 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004217 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004216 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    }
  ]
}

CERTA-2012-AVI-594

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM XIV Storage System versions antérieures à 10.2.4.c
IBM	N/A	IBM XIV Storage System versions antérieures à 11.0.1.a
IBM	N/A	IBM XIV Storage System versions antérieures à 11.1.1
IBM	N/A	IBM XIV Storage System versions antérieures à 10.2.4.e

References

Title

Publication Time

Tags

Bulletin de sécurité IBM ssg1S1004218 du 18 octobre 2012	None	vendor-advisory
Bulletin de sécurité IBM ssg1S1004219 du 18 octobre 2012	None	vendor-advisory
Bulletin de sécurité IBM ssg1S1004217 du 18 octobre 2012	None	vendor-advisory
Bulletin de sécurité IBM ssg1S1004216 du 18 octobre 2012	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 10.2.4.c",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 11.0.1.a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 11.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM XIV Storage System versions ant\u00e9rieures \u00e0 10.2.4.e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2167"
    },
    {
      "name": "CVE-2012-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2187"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2008-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0166"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-594",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM XIV Storage System\u003c/span\u003e. La plus critique concerne\nune clef faible pour un certificat OpenSSL. La clef a \u00e9t\u00e9 g\u00e9n\u00e9r\u00e9e sur un\nsyst\u00e8me \u003cspan class=\"textit\"\u003eDebian\u003c/span\u003e qui \u00e9tait expos\u00e9 \u00e0 un\nprobl\u00e8me d\u0027entropie lors de sa g\u00e9n\u00e9ration.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM XIV Storage System",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004218 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004219 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004217 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ssg1S1004216 du 18 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004216"
    }
  ]
}

GSD-2012-2187

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-2187

Aliases

CVE-2012-2187

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-2187",
    "description": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.",
    "id": "GSD-2012-2187"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-2187"
      ],
      "details": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.",
      "id": "GSD-2012-2187",
      "modified": "2023-12-13T01:20:15.669174Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "ID": "CVE-2012-2187",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "55609",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/55609"
          },
          {
            "name": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525",
            "refsource": "MISC",
            "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
          },
          {
            "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25",
            "refsource": "CONFIRM",
            "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.13",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:x3950:m2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:x3650:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:ibm:x3850:m2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-2187"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-310"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
            },
            {
              "name": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525",
              "refsource": "MISC",
              "tags": [],
              "url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525"
            },
            {
              "name": "55609",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/55609"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-02-12T05:08Z",
      "publishedDate": "2012-09-25T20:55Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-2187 (GCVE-0-2012-2187)

VAR-201209-0571

GHSA-HFRM-XRCQ-WMJV

FKIE_CVE-2012-2187

CERTA-2012-AVI-594

Solution

CERTA-2012-AVI-594

Solution

GSD-2012-2187

Tags

Sightings

Nomenclature