Design/Logic Flaw

2018-04-2520:29:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

45.0%

JSON

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.

CPENameOperatorVersion
integrated_management_module_firmwareeq3.50
integrated_management_module_firmwareeq3.55
integrated_management_module_firmwareeq3.56
integrated_management_module_firmwareeq3.65
integrated_management_module_firmwareeq3.67

Name	Operator	Version
integrated_management_module_firmware	eq	3.50
integrated_management_module_firmware	eq	3.55
integrated_management_module_firmware	eq	3.56
integrated_management_module_firmware	eq	3.65
integrated_management_module_firmware	eq	3.67

References

support.lenovo.com/us/en/solutions/ht114525

www.ibm.com/blogs/psirt/security-bulletin-account-specific-information-likely-to-be-present-in-service-advisor-data-ffdc-on-the-integrated-management-module-ii-imm2-cve-2014-0882/

www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094726