Remote Access Vulnerability in IBM BladeCenter Connectivity and RAID Modules
CVE-2014-3019

Currently unrated

Key Information:

Vendor: IBM
Status: Sas Raid Module Firmware
Vendor: CVE Published:; 17 January 2015

Summary

A vulnerability exists in the IBM BladeCenter SAS Connectivity Module and SAS RAID Module that allows remote attackers to gain unauthorized access to blade and storage-pool data through a TELNET session. This flaw can be exploited if the module is configured to permit TELNET connections, potentially leading to unauthorized information disclosure and system manipulation.

References

http://www.ibm.com/support/entry/portal/docdisplay?lndoci...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/93054

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 17, 2015
Vulnerability Reserved
Apr 29, 2014