Local Security Information Exposure in IBM Flex System Chassis Management Module and Integrated Management Module 2
CVE-2012-4838

Currently unrated

Key Information:

Vendor: IBM
Status: Flex System Chassis Management Module; Integrated Management Module Ii
Vendor: CVE Published:; 8 December 2012

What is CVE-2012-4838?

IBM Flex System Chassis Management Module and Integrated Management Module 2 are subject to a vulnerability that permits local users to gain access to sensitive information. This includes local account details, SSH and SSL/TLS private keys, SNMPv3 community strings, and LDAP credentials, which can be exploited through unforeseen side effects during service or maintenance operations. Maintaining best practices for security hygiene is crucial for organizations utilizing these products.

References

https://www.ibm.com/connections/blogs/PSIRT/entry/flex_sy...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/79020

vdb-entryx_refsource_XF

https://www-947.ibm.com/support/entry/myportal/docdisplay...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2012
Vulnerability Reserved
Sep 6, 2012