Vulnerability Description
The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of service by leveraging an incorrect configuration. IBM X-Force ID: 91146.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Integrated Management Module Firmware | >= 1.00, <= 3.56 |
| Ibm | Flex System X222 | - |
Related Weaknesses (CWE)
References
- https://support.lenovo.com/us/en/solutions/ht114524Third Party Advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-tpm-on-the-integrated-managemeVendor Advisory
- https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094725Vendor Advisory
- https://support.lenovo.com/us/en/solutions/ht114524Third Party Advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-tpm-on-the-integrated-managemeVendor Advisory
- https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5094725Vendor Advisory
FAQ
What is CVE-2014-0881?
CVE-2014-0881 is a vulnerability with a CVSS score of 7.4 (HIGH). The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of servi...
How severe is CVE-2014-0881?
CVE-2014-0881 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0881?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Integrated Management Module Firmware, Ibm Flex System X222.