1. Home
  2. CVE Database
  3. CVE-2014-0882
MEDIUM · 6.5

CVE-2014-0882

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via ve...

Vulnerability Description

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmIntegrated Management Module Firmware3.50
IbmFlex System Manager 7955-
IbmFlex System Manager 8731-
IbmFlex System X220-
IbmFlex System X240-
IbmFlex System X440-
IbmNextscale Nx360 M4-
IbmSystem X Idataplex Dx360 M4-
IbmSystem X3100 M4-
IbmSystem X3250 M4-
IbmSystem X3500 M4-
IbmSystem X3530 M4-
IbmSystem X3550 M4-
IbmSystem X3630 M4-
IbmSystem X3650 M4-
IbmSystem X3750 M4-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2014-0882?

CVE-2014-0882 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via ve...

How severe is CVE-2014-0882?

CVE-2014-0882 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0882?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Integrated Management Module Firmware, Ibm Flex System Manager 7955, Ibm Flex System Manager 8731, Ibm Flex System X220, Ibm Flex System X240.