The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Advanced_management_module_firmware | Ibm | 3.64-bbet64b (including) | 3.64-bbet64b (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bbet64c (including) | 3.64-bbet64c (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bbet64g (including) | 3.64-bbet64g (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bpeo64b (including) | 3.64-bpeo64b (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bpeo64c (including) | 3.64-bpeo64c (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bpeo64g (including) | 3.64-bpeo64g (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bpet64b (including) | 3.64-bpet64b (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bpet64c (including) | 3.64-bpet64c (including) |
| Advanced_management_module_firmware | Ibm | 3.64-bpet64g (including) | 3.64-bpet64g (including) |
References
- http://osvdb.org/100397
- http://secunia.com/advisories/55921
- http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718
- http://www.securityfocus.com/bid/64032
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89174
- http://osvdb.org/100397
- http://secunia.com/advisories/55921
- http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718
- http://www.securityfocus.com/bid/64032
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89174