VAR-201209-0571
Vulnerability from variot - Updated: 2023-12-18 13:04IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. IBM Remote Supervisor Adapter II is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Attackers can exploit this vulnerability to break through the encryption protection mechanism through unknown vectors
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0571",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "remote supervisor adapter ii",
"scope": "lte",
"trust": 1.8,
"vendor": "ibm",
"version": "1.13"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.12"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.11"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.8"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.9"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.7"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.6"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.10"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.5"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.3"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "system x3650",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "system x3850",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "m2"
},
{
"model": "system x3950",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "m2"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.13"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.13",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ibm:x3950:m2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:x3650:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ibm:x3850:m2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Michigan and UC San Diego",
"sources": [
{
"db": "BID",
"id": "55609"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2187",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-2187",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-55468",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2187",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-539",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55468",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. IBM Remote Supervisor Adapter II is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Attackers can exploit this vulnerability to break through the encryption protection mechanism through unknown vectors",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "VULHUB",
"id": "VHN-55468"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2187",
"trust": 2.8
},
{
"db": "BID",
"id": "55609",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-55468",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"id": "VAR-201209-0571",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:04:17.978000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Weak Key Vulnerability in Remote Supervisor Adapter II firmware (CVE-2012-2187)",
"trust": 0.8,
"url": "http://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
},
{
"title": "ibm_fw_rsa2_a3ep47a_linux_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=44994"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
},
{
"trust": 1.7,
"url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=migr-5091525"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/55609"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2187"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2187"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-55468"
},
{
"date": "2012-09-17T00:00:00",
"db": "BID",
"id": "55609"
},
{
"date": "2012-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"date": "2012-09-25T20:55:00.877000",
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"date": "2012-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55468"
},
{
"date": "2012-10-19T15:30:00",
"db": "BID",
"id": "55609"
},
{
"date": "2012-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"date": "2013-02-12T05:08:29.460000",
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"date": "2012-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural IBM For product IBM Remote Supervisor Adapter II Vulnerability that breaks cryptographic protection mechanisms in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…