Vulnerabilities > IBM > Advanced Management Module Firmware > 3.64

DATE	CVE	VULNERABILITY TITLE	RISK
2014-07-07	CVE-2014-0860	Cryptographic Issues vulnerability in IBM products The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface. network low complexity ibm CWE-310	5.0
2013-12-01	CVE-2013-6718	Cryptographic Issues vulnerability in IBM Advanced Management Module Firmware 3.64 The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface. network low complexity ibm CWE-310	6.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.