CyberSec.Space Logo
Back to CVE Browser

CVE-2013-4031

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile2.28th
PublishedAug 9, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors.

Affected Platforms (CPE)

πŸ”Œ
Ibm

Bladecenter

= hs22
πŸ”Œ
Ibm

Bladecenter

= hs22v
πŸ”Œ
Ibm

Bladecenter

= hs23
πŸ”Œ
Ibm

Bladecenter

= hs23e
πŸ”Œ
Ibm

Bladecenter

= hx5
πŸ”Œ
Ibm

Flex System X220 Compute Node

All versions
πŸ”Œ
Ibm

Flex System X240 Compute Node

All versions
πŸ”Œ
Ibm

Flex System X440 Compute Node

All versions
πŸ”Œ
Ibm

System X Idataplex Dx360 M2 Server

All versions
πŸ”Œ
Ibm

System X Idataplex Dx360 M3 Server

All versions
πŸ”Œ
Ibm

System X Idataplex Dx360 M4 Server

All versions
πŸ”Œ
Ibm

System X3100 M4

All versions
πŸ”Œ
Ibm

System X3200 M3

All versions
πŸ”Œ
Ibm

System X3250 M3

All versions
πŸ”Œ
Ibm

System X3250 M4

All versions
πŸ”Œ
Ibm

System X3400 M2

All versions
πŸ”Œ
Ibm

System X3400 M3

All versions
πŸ”Œ
Ibm

System X3500 M2

All versions
πŸ”Œ
Ibm

System X3500 M3

All versions
πŸ”Œ
Ibm

System X3500 M4

All versions
πŸ”Œ
Ibm

System X3530 M4

All versions
πŸ”Œ
Ibm

System X3550 M2

All versions
πŸ”Œ
Ibm

System X3550 M3

All versions
πŸ”Œ
Ibm

System X3550 M4

All versions
πŸ”Œ
Ibm

System X3620 M3

All versions
πŸ”Œ
Ibm

System X3630 M3

All versions
πŸ”Œ
Ibm

System X3630 M4

All versions
πŸ”Œ
Ibm

System X3650 M2

All versions
πŸ”Œ
Ibm

System X3650 M3

All versions
πŸ”Œ
Ibm

System X3650 M4

All versions
πŸ”Œ
Ibm

System X3690 X5

All versions
πŸ”Œ
Ibm

System X3750 M4

All versions
πŸ”Œ
Ibm

System X3850 X5

All versions
πŸ”Œ
Ibm

System X3950 X5

All versions

References & Advisories

πŸ”— http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/86172
πŸ”— http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093463
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/86172

Related Vulnerabilities

CVE-2009-393510.0

Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx an...

CVE-2014-475210.0

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093...

CVE-2018-182029.8

The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 modules for IBM BladeCenter have an undocumented support account ...

CVE-2014-30187.8

IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) before 1.3.3.006 allow remote attackers to cause...