Vulnerability Description
IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS private keys, (4) SNMPv3 communities, and (5) LDAP credentials by leveraging unspecified side effects of service or maintenance activity.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Flex System Chassis Management Module | - |
| Ibm | Integrated Management Module Ii | - |
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79020Third Party AdvisoryVDB Entry
- https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5092001Broken Link
- https://www.ibm.com/connections/blogs/PSIRT/entry/flex_system_chassis_managementVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79020Third Party AdvisoryVDB Entry
- https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5092001Broken Link
- https://www.ibm.com/connections/blogs/PSIRT/entry/flex_system_chassis_managementVendor Advisory
FAQ
What is CVE-2012-4838?
CVE-2012-4838 is a vulnerability with a CVSS score of 1.9 (LOW). IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS ...
How severe is CVE-2012-4838?
CVE-2012-4838 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4838?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Flex System Chassis Management Module, Ibm Integrated Management Module Ii.