CVE-2013-4038IBM Bladecenter vulnerability

CWE-3103 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.2%
top 56.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Bladecenter
Timeline
PublishedAug 9
Latest updateMay 17

Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/bladecenter5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-g9qg-48f9-44pg: The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iD2022-05-17
CVEList
CVE-2013-4038: The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iD2013-08-09
CVE-2013-4038 — IBM Bladecenter vulnerability | cvebase