CyberSec.Space Logo
Back to CVE Browser

CVE-2018-18202

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1540%
EPSS Percentile12.38th
PublishedOct 10, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 modules for IBM BladeCenter have an undocumented support account with a support password, an undocumented diags account with a diags password, and an undocumented prom account with a prom password.

Affected Platforms (CPE)

💻
Ibm

Qlogic 4 Gb Fibre Channel Expansion Card Firmware

= 5.5.2.6.0
💻
Ibm

Qlogic 20 Port 4\/8 Gb San Switch Module Firmware

= 7.10.1.20.0

References & Advisories

🔗 http://misteralfa-hack.blogspot.com/2018/10/ibm-bladecenter-qlogic-4g-fibre-channel.html
🔗 http://misteralfa-hack.blogspot.com/2018/10/ibm-bladecenter-qlogic-4g-fibre-channel.html

Related Vulnerabilities

CVE-2018-1472110.0

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by ...

CVE-2018-422910.0

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatc...

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...