CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-0860

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0050%
EPSS Percentile18.53th
Published2014年7月7日
Last Modified2026年5月6日

Vulnerability Description

The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.

Affected Platforms (CPE)

💻
Ibm

Integrated Management Module Firmware

<= 1.36
🔌
Ibm

Integrated Management Module

All versions
💻
Ibm

Advanced Management Module Firmware

<= 3.65
🔌
Ibm

Advanced Management Module

All versions
💻
Ibm

Integrated Management Module Ii Firmware

<= 3.65
🔌
Ibm

Integrated Management Module Ii

All versions

References & Advisories

🔗 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/90880
🔗 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095840
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/90880

相關漏洞威脅

CVE-2014-08817.4

The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote at...

CVE-2019-61576.5

In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) in...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052910.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to ex...