Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2009-1289
HistoryApr 13, 2009 - 4:30 p.m.

CVE-2009-1289

2009-04-1316:30:00
CWE-200
mitre
web.nvd.nist.gov
26
ibm
bladecenter
amm
cve-2009-1289
access control
vulnerability

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.027

Percentile

90.5%

JSON

private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter.

Affected configurations

Nvd
Node
ibmadvanced_management_moduleMatch1.36h
AND
ibmbladecenterMatche1881
OR
ibmbladecenterMatche7967
OR
ibmbladecenterMatche8677
OR
ibmbladecenterMatchh7989
OR
ibmbladecenterMatchh8852
OR
ibmbladecenterMatchhc107996
OR
ibmbladecenterMatchhs121916
OR
ibmbladecenterMatchhs128014
OR
ibmbladecenterMatchhs128028
OR
ibmbladecenterMatchhs201883
OR
ibmbladecenterMatchhs211885
OR
ibmbladecenterMatchhs218853
OR
ibmbladecenterMatchhs21_xm1915
OR
ibmbladecenterMatchhs21_xm7995
OR
ibmbladecenterMatchht8740
OR
ibmbladecenterMatchht8750
OR
ibmbladecenterMatchjs127998
OR
ibmbladecenterMatchjs217988
OR
ibmbladecenterMatchjs218844
OR
ibmbladecenterMatchjs227998
OR
ibmbladecenterMatchls208850
OR
ibmbladecenterMatchls217971
OR
ibmbladecenterMatchls417972
OR
ibmbladecenterMatchqs210792
OR
ibmbladecenterMatchqs220793
OR
ibmbladecenterMatchs1948
OR
ibmbladecenterMatchs8886
OR
ibmbladecenterMatcht8720
OR
ibmbladecenterMatcht8730
VendorProductVersionCPE
ibmadvanced_management_module1.36hcpe:2.3:a:ibm:advanced_management_module:1.36h:*:*:*:*:*:*:*
ibmbladecenterecpe:2.3:h:ibm:bladecenter:e:*:1881:*:*:*:*:*
ibmbladecenterecpe:2.3:h:ibm:bladecenter:e:*:7967:*:*:*:*:*
ibmbladecenterecpe:2.3:h:ibm:bladecenter:e:*:8677:*:*:*:*:*
ibmbladecenterhcpe:2.3:h:ibm:bladecenter:h:*:7989:*:*:*:*:*
ibmbladecenterhcpe:2.3:h:ibm:bladecenter:h:*:8852:*:*:*:*:*
ibmbladecenterhc10cpe:2.3:h:ibm:bladecenter:hc10:*:7996:*:*:*:*:*
ibmbladecenterhs12cpe:2.3:h:ibm:bladecenter:hs12:*:1916:*:*:*:*:*
ibmbladecenterhs12cpe:2.3:h:ibm:bladecenter:hs12:*:8014:*:*:*:*:*
ibmbladecenterhs12cpe:2.3:h:ibm:bladecenter:hs12:*:8028:*:*:*:*:*
Rows per page:
1-10 of 301

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2009-1289
2009-04-13 16:00:00
nvd
nvd
CVE-2009-1289
2009-04-13 16:30:00
prion
prion
Code injection
2009-04-13 16:30:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.027

Percentile

90.5%

JSON
Related for CVE-2009-1289
cvelist1nvd1prion1