TPM Misconfiguration in IBM Flex System x222 Servers
CVE-2014-0881
7.4HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 25 April 2018
Summary
The Integrated Management Module II (IMM2) on IBM Flex System x222 servers is susceptible to a misconfiguration of the Trusted Platform Module (TPM). This vulnerability allows remote attackers to exploit the system, potentially leading to unauthorized access to sensitive key information or causing a denial of service. The issue arises specifically in firmware versions 1.00 through 3.56, making it crucial for users to update their systems and review configurations to mitigate potential risks.
References
CVSS V3.1
Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved