Authenticated Remote Access Vulnerability in IBM Integrated Management Module II
CVE-2014-0882

6.5MEDIUM

Key Information:

Vendor
IBM
Status
Integrated Management Module Firmware
Vendor
CVE Published:
25 April 2018

Summary

The vulnerability within IBM's Integrated Management Module II (IMM2) poses risks by potentially allowing remote authenticated users to access sensitive account information through various vectors associated with the generated Service Advisor data (FFDC). This could lead to unauthorized visibility of account-specific data, which may compromise system integrity and user privacy.

References

https://support.lenovo.com/us/en/solutions/ht114525
x_refsource_CONFIRM
https://www.ibm.com/blogs/psirt/security-bulletin-account...
x_refsource_CONFIRM
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.