VYPR

Integrated Management Module Firmware

by IBM

CVEs (8)

  • CVE-2017-3744MedJun 20, 2017
    risk 0.42cvss 6.5epss 0.01

    In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear…

  • CVE-2021-3723Nov 12, 2021
    risk 0.00cvss epss 0.02

    A command injection vulnerability was reported in the Integrated Management Module (IMM) of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session.

  • CVE-2014-0860Jul 7, 2014
    risk 0.00cvss epss 0.01

    The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows…

  • CVE-2013-4030Jan 21, 2014
    risk 0.00cvss epss 0.01

    Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS…

  • CVE-2013-4038Aug 9, 2013
    risk 0.00cvss epss 0.01

    The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain…

  • CVE-2013-4037Aug 9, 2013
    risk 0.00cvss epss 0.01

    The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash…

  • CVE-2013-4031Aug 9, 2013
    risk 0.00cvss epss 0.02

    The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers has a default password for the IPMI user account,…

  • CVE-2012-4838Dec 8, 2012
    risk 0.00cvss epss 0.00

    IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS private keys, (4) SNMPv3 communities, and (5) LDAP credentials by leveraging…