Vulnerability Description
IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | System Networking Rackswitch G8332 Firmware | <= 7.7.16.0 |
| Ibm | System Networking Rackswitch G8332 | - |
| Ibm | Bladecenter 1G Firmware | <= 5.3.4.0 |
| Ibm | Bladecenter 1G | - |
| Ibm | System Networking Rackswitch G8052 Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8124 Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8124E Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8124Er Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8264 Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8264T Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8316 Firmware | <= 7.9.1.0 |
| Ibm | System Networking Rackswitch G8052 | - |
| Ibm | System Networking Rackswitch G8124 | - |
| Ibm | System Networking Rackswitch G8124E | - |
| Ibm | System Networking Rackswitch G8124Er | - |
| Ibm | System Networking Rackswitch G8264 | - |
| Ibm | System Networking Rackswitch G8264T | - |
| Ibm | System Networking Rackswitch G8316 | - |
| Ibm | Bladecenter 1\/10G Firmware | <= 7.4.7.0 |
| Ibm | Bladecenter 1\/10G | - |
References
- http://secunia.com/advisories/54512
- http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096232Vendor Advisory
- http://secunia.com/advisories/54512
- http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096232Vendor Advisory
FAQ
What is CVE-2014-4752?
CVE-2014-4752 is a vulnerability with a CVSS score of 10.0 (HIGH). IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Int...
How severe is CVE-2014-4752?
CVE-2014-4752 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4752?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm System Networking Rackswitch G8332 Firmware, Ibm System Networking Rackswitch G8332, Ibm Bladecenter 1G Firmware, Ibm Bladecenter 1G, Ibm System Networking Rackswitch G8052 Firmware.