Vulnerability Details CVE-2013-4037
The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.7%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2013-4037
-
cpe:2.3:h:ibm:bladecenter:hs22
-
cpe:2.3:h:ibm:bladecenter:hs22v
-
cpe:2.3:h:ibm:bladecenter:hs23
-
cpe:2.3:h:ibm:bladecenter:hs23e
-
cpe:2.3:h:ibm:bladecenter:hx5
-
cpe:2.3:h:ibm:flex_system_x220_compute_node:-
-
cpe:2.3:h:ibm:flex_system_x240_compute_node:-
-
cpe:2.3:h:ibm:flex_system_x440_compute_node:-
-
cpe:2.3:h:ibm:system_x3100_m4:-
-
cpe:2.3:h:ibm:system_x3200_m3:-
-
cpe:2.3:h:ibm:system_x3250_m3:-
-
cpe:2.3:h:ibm:system_x3250_m4:-
-
cpe:2.3:h:ibm:system_x3400_m2:-
-
cpe:2.3:h:ibm:system_x3400_m3:-
-
cpe:2.3:h:ibm:system_x3500_m2:-
-
cpe:2.3:h:ibm:system_x3500_m3:-
-
cpe:2.3:h:ibm:system_x3500_m4:-
-
cpe:2.3:h:ibm:system_x3530_m4:-
-
cpe:2.3:h:ibm:system_x3550_m2:-
-
cpe:2.3:h:ibm:system_x3550_m3:-
-
cpe:2.3:h:ibm:system_x3550_m4:-
-
cpe:2.3:h:ibm:system_x3620_m3:-
-
cpe:2.3:h:ibm:system_x3630_m3:-
-
cpe:2.3:h:ibm:system_x3630_m4:-
-
cpe:2.3:h:ibm:system_x3650_m2:-
-
cpe:2.3:h:ibm:system_x3650_m3:-
-
cpe:2.3:h:ibm:system_x3650_m4:-
-
cpe:2.3:h:ibm:system_x3690_x5:-
-
cpe:2.3:h:ibm:system_x3750_m4:-
-
cpe:2.3:h:ibm:system_x3850_x5:-
-
cpe:2.3:h:ibm:system_x3950_x5:-
-
cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-
-
cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-
-
cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-