CVE-2013-4030 — IBM Integrated Management Module 2 vulnerability

CWE-3103 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 55.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Bladecenter IBM Integrated Management Module 2

Timeline

PublishedJan 21

Latest updateMay 17

Description

Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/integrated_management_module_21.00, 2.00+1

▶NVDibm/bladecenterhs23, hs23e+1

🔴Vulnerability Details

GHSA

GHSA-53ff-hmxc-3jpp: Integrated Management Module (IMM) 2 1↗2022-05-17

▶

CVEList

CVE-2013-4030: Integrated Management Module (IMM) 2 1↗2014-01-21

▶