Vulnerabilities > CVE-2012-4838 - Unspecified vulnerability in IBM products

CVSS 1.9 - LOW

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

ibm

NVD

Published: 2012-12-08

Updated: 2021-11-08

Summary

IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS private keys, (4) SNMPv3 communities, and (5) LDAP credentials by leveraging unspecified side effects of service or maintenance activity.

Vulnerable Configurations

Part	Description	Count
Hardware	Ibm IBM Flex System Chassis Management Module - IBM Integrated Management Module II -	2

References

https://www.ibm.com/connections/blogs/PSIRT/entry/flex_system_chassis_management_module_cmm_and_integrated_management_module_2_imm2_potential_security_vulnerability_with_authentication_data_cve_2012_4838_ibm_flex_system8
https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5092001
https://exchange.xforce.ibmcloud.com/vulnerabilities/79020