Unrated severityNVD Advisory· Published Aug 17, 2014· Updated May 6, 2026

CVE-2014-3081

Description

prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.

Affected products

IBM/Global Console Manager 16 Firmware
cpe:2.3:o:ibm:global_console_manager_16_firmware:*:*:*:*:*:*:*:*
Range: <=1.20.0.22575
IBM/Global Console Manager 32 Firmware
cpe:2.3:o:ibm:global_console_manager_32_firmware:*:*:*:*:*:*:*:*
Range: <=1.20.0.22575

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.htmlnvdExploit
www.exploit-db.com/exploits/34132/nvdExploit
www.ibm.com/support/entry/portal/docdisplaynvdVendor Advisory
seclists.org/fulldisclosure/2014/Jul/113nvd
exchange.xforce.ibmcloud.com/vulnerabilities/93930nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000