Vulnerability Description
Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Integrated Management Module 2 | 1.00 |
| Ibm | Bladecenter | hs23 |
| Ibm | Flex System Manager Node 7955 | - |
| Ibm | Flex System Manager Node 8731 | - |
| Ibm | Flex System Manager Node 8734 | - |
| Ibm | Flex System X220 Compute Node | - |
| Ibm | Flex System X240 Compute Node | - |
| Ibm | Flex System X440 Compute Node | - |
| Ibm | System X Idataplex Direct Water Cooled Dx360 M4 Server | - |
| Ibm | System X Idataplex Dx360 M4 Server | - |
| Ibm | System X3100 M4 | - |
| Ibm | System X3250 M4 | - |
| Ibm | System X3300 M4 | - |
| Ibm | System X3500 M2 | - |
| Ibm | System X3500 M3 | - |
| Ibm | System X3500 M4 | - |
| Ibm | System X3530 M4 | - |
| Ibm | System X3550 M2 | - |
| Ibm | System X3550 M3 | - |
| Ibm | System X3550 M4 | - |
Related Weaknesses (CWE)
References
- http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weakVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86068
- http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_avoiding_weakVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86068
FAQ
What is CVE-2013-4030?
CVE-2013-4030 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptogr...
How severe is CVE-2013-4030?
CVE-2013-4030 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4030?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Integrated Management Module 2, Ibm Bladecenter, Ibm Flex System Manager Node 7955, Ibm Flex System Manager Node 8731, Ibm Flex System Manager Node 8734.