Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.lenovo.com/us/en/solutions/ht114525 - Third Party Advisory | |
References | () https://www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/ - Vendor Advisory | |
References | () https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726 - Vendor Advisory |
Information
Published : 2018-04-25 20:29
Updated : 2024-11-21 02:02
NVD link : CVE-2014-0882
Mitre link : CVE-2014-0882
CVE.ORG link : CVE-2014-0882
JSON object : View
Products Affected
ibm
- flex_system_manager_8731
- system_x_idataplex_dx360_m4
- system_x3650_m4
- flex_system_x440
- system_x3100_m4
- system_x3550_m4
- system_x3750_m4
- flex_system_x220
- system_x3500_m4
- flex_system_x240
- system_x3250_m4
- integrated_management_module_firmware
- system_x3630_m4
- nextscale_nx360_m4
- flex_system_manager_7955
- system_x3530_m4
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor