Access Control Bypass in IBM Flex System Manager
CVE-2013-5424

Currently unrated

Key Information:

Vendor: IBM
Status: Flex System Manager
Vendor: CVE Published:; 25 October 2013

Summary

IBM Flex System Manager (FSM) 1.3.0 is susceptible to an access control bypass vulnerability that allows attackers to exploit expired passwords for system-level accounts. This flaw enables remote attackers to create new user accounts or execute tasks without proper authorization, posing significant security risks. Organizations utilizing affected versions of FSM should implement immediate measures to mitigate this vulnerability and protect their systems from unauthorized access.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/87486

vdb-entryx_refsource_XF

http://www.ibm.com/support/entry/portal/docdisplay?lndoci...

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IC96952

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Oct 25, 2013
Vulnerability Reserved
Aug 22, 2013