Vulnerabilities > IBM > Flex System X880 M4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-26 | CVE-2018-9068 | Use of Hard-coded Credentials vulnerability in multiple products The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. | 5.0 |
2018-04-19 | CVE-2017-3774 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lenovo Integrated Management Module 2 A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. | 7.5 |
2018-01-26 | CVE-2017-3768 | Resource Exhaustion vulnerability in multiple products An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). | 7.8 |
2017-06-20 | CVE-2017-3744 | Information Exposure Through Log Files vulnerability in multiple products In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. | 4.0 |