Strix
26.1K

CVE-2013-4030

UnknownEPSS 0.95%

Last modified

CVE-2013-4030 is a vulnerability of currently unknown severity. Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.. EPSS estimates a 0.95% chance of exploitation in the next 30 days.

Description

Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.

Metrics

EPSS Probability
0.95%

56.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
IbmIntegrated Management Module 21.00
IbmIntegrated Management Module 22.00
IbmBladecenterhs23
IbmBladecenterhs23e
IbmFlex System Manager Node 7955All versions
IbmFlex System Manager Node 8731All versions
IbmFlex System Manager Node 8734All versions
IbmFlex System X220 Compute NodeAll versions
IbmFlex System X240 Compute NodeAll versions
IbmFlex System X440 Compute NodeAll versions
IbmSystem X Idataplex Direct Water Cooled Dx360 M4 ServerAll versions
IbmSystem X Idataplex Dx360 M4 ServerAll versions
IbmSystem X3100 M4All versions
IbmSystem X3250 M4All versions
IbmSystem X3300 M4All versions
IbmSystem X3500 M2All versions
IbmSystem X3500 M3All versions
IbmSystem X3500 M4All versions
IbmSystem X3530 M4All versions
IbmSystem X3550 M2All versions
IbmSystem X3550 M3All versions
IbmSystem X3550 M4All versions
IbmSystem X3630 M3All versions
IbmSystem X3630 M4All versions
IbmSystem X3630 M4 HdAll versions
IbmSystem X3650 M2All versions
IbmSystem X3650 M3All versions
IbmSystem X3650 M4All versions
IbmSystem X3650 M4 HdAll versions
IbmSystem X3690 X5All versions
IbmSystem X3750 M4All versions
IbmSystem X3850 X5All versions
IbmSystem X3950 X5All versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-4030?
Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic.
How severe is CVE-2013-4030?
Severity scoring for CVE-2013-4030 is pending analysis. The EPSS model estimates a 0.95% probability of exploitation in the next 30 days.
How do I fix CVE-2013-4030?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-4030?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST