VYPR

IMM2

by Lenovo

CVEs (3)

  • CVE-2017-3774CriApr 19, 2018
    risk 0.64cvss 9.8epss 0.01

    A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and…

  • CVE-2018-9068HigJul 26, 2018
    risk 0.49cvss 7.5epss 0.01

    The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier…

  • CVE-2020-8340Sep 15, 2020
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review. This vulnerability could…