CVE-2013-4031 — IBM Bladecenter vulnerability

CWE-2553 documents3 sources

Severity

10.0CRITICALNVD

EPSS

2.5%

top 14.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Bladecenter

Timeline

PublishedAug 9

Latest updateMay 17

Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account, which makes it easier for remote attackers to perform power-on, power-off, or reboot actions, or add or modify accounts, via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/bladecenter5 versions+4

🔴Vulnerability Details

GHSA

GHSA-7p2w-5xvj-v699: The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) o↗2022-05-17

▶

CVEList

CVE-2013-4031: The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) o↗2013-08-09

▶