Unrated severityNVD Advisory· Published Aug 9, 2013· Updated Apr 29, 2026

CVE-2013-4038

Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.

Affected products

IBM/Bladecenter5 versions
cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*
IBM/System X3850 X5
cpe:2.3:h:ibm:system_x3850_x5:-:*:*:*:*:*:*:*
IBM/System X3950 X5
cpe:2.3:h:ibm:system_x3950_x5:-:*:*:*:*:*:*:*
IBM/Flex System X220 Compute Node
cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:*
IBM/Flex System X240 Compute Node
cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:*
IBM/Flex System X440 Compute Node
cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:*
IBM/System X Idataplex Dx360 M2 Server
cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-:*:*:*:*:*:*:*
IBM/System X Idataplex Dx360 M3 Server
cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-:*:*:*:*:*:*:*
IBM/System X Idataplex Dx360 M4 Server
cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:*
IBM/System X3100 M4
cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*
IBM/System X3200 M3
cpe:2.3:h:ibm:system_x3200_m3:-:*:*:*:*:*:*:*
IBM/System X3250 M3
cpe:2.3:h:ibm:system_x3250_m3:-:*:*:*:*:*:*:*
IBM/System X3250 M4
cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*
IBM/System X3400 M2
cpe:2.3:h:ibm:system_x3400_m2:-:*:*:*:*:*:*:*
IBM/System X3400 M3
cpe:2.3:h:ibm:system_x3400_m3:-:*:*:*:*:*:*:*
IBM/System X3500 M2
cpe:2.3:h:ibm:system_x3500_m2:-:*:*:*:*:*:*:*
IBM/System X3500 M3
cpe:2.3:h:ibm:system_x3500_m3:-:*:*:*:*:*:*:*
IBM/System X3500 M4
cpe:2.3:h:ibm:system_x3500_m4:-:*:*:*:*:*:*:*
IBM/System X3530 M4
cpe:2.3:h:ibm:system_x3530_m4:-:*:*:*:*:*:*:*
IBM/System X3550 M2
cpe:2.3:h:ibm:system_x3550_m2:-:*:*:*:*:*:*:*
IBM/System X3550 M3
cpe:2.3:h:ibm:system_x3550_m3:-:*:*:*:*:*:*:*
IBM/System X3550 M4
cpe:2.3:h:ibm:system_x3550_m4:-:*:*:*:*:*:*:*
IBM/System X3620 M3
cpe:2.3:h:ibm:system_x3620_m3:-:*:*:*:*:*:*:*
IBM/System X3630 M3
cpe:2.3:h:ibm:system_x3630_m3:-:*:*:*:*:*:*:*
IBM/System X3630 M4
cpe:2.3:h:ibm:system_x3630_m4:-:*:*:*:*:*:*:*
IBM/System X3650 M2
cpe:2.3:h:ibm:system_x3650_m2:-:*:*:*:*:*:*:*
IBM/System X3650 M3
cpe:2.3:h:ibm:system_x3650_m3:-:*:*:*:*:*:*:*
IBM/System X3650 M4
cpe:2.3:h:ibm:system_x3650_m4:-:*:*:*:*:*:*:*
IBM/System X3690 X5
cpe:2.3:h:ibm:system_x3690_x5:-:*:*:*:*:*:*:*
IBM/System X3750 M4
cpe:2.3:h:ibm:system_x3750_m4:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/entry/portal/docdisplaynvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/86174nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000