IBM » Flex System Manager : Security Vulnerabilities, CVEs,

CVE-2014-6147

IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-02-19
Updated
2017-09-08

CVE-2014-0897

The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors.
Max CVSS
3.5
EPSS Score
0.10%
Published
2014-08-29
Updated
2017-08-29

CVE-2013-5438

Cross-site scripting (XSS) vulnerability in the web server in IBM Flex System Manager (FSM) 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.18%
Published
2013-12-14
Updated
2017-08-29

CVE-2013-5424

IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account.
Max CVSS
6.8
EPSS Score
0.41%
Published
2013-10-25
Updated
2017-08-29

CVE-2013-5423

IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.46%
Published
2014-07-07
Updated
2017-08-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close