Strix
26.1K

CVE-2013-4038

UnknownEPSS 0.79%

Last modified

CVE-2013-4038 is a vulnerability of currently unknown severity. The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.. EPSS estimates a 0.79% chance of exploitation in the next 30 days.

Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.

Metrics

EPSS Probability
0.79%

51.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
IbmBladecenterhs22
IbmBladecenterhs22v
IbmBladecenterhs23
IbmBladecenterhs23e
IbmBladecenterhx5
IbmFlex System X220 Compute NodeAll versions
IbmFlex System X240 Compute NodeAll versions
IbmFlex System X440 Compute NodeAll versions
IbmSystem X Idataplex Dx360 M2 ServerAll versions
IbmSystem X Idataplex Dx360 M3 ServerAll versions
IbmSystem X Idataplex Dx360 M4 ServerAll versions
IbmSystem X3100 M4All versions
IbmSystem X3200 M3All versions
IbmSystem X3250 M3All versions
IbmSystem X3250 M4All versions
IbmSystem X3400 M2All versions
IbmSystem X3400 M3All versions
IbmSystem X3500 M2All versions
IbmSystem X3500 M3All versions
IbmSystem X3500 M4All versions
IbmSystem X3530 M4All versions
IbmSystem X3550 M2All versions
IbmSystem X3550 M3All versions
IbmSystem X3550 M4All versions
IbmSystem X3620 M3All versions
IbmSystem X3630 M3All versions
IbmSystem X3630 M4All versions
IbmSystem X3650 M2All versions
IbmSystem X3650 M3All versions
IbmSystem X3650 M4All versions
IbmSystem X3690 X5All versions
IbmSystem X3750 M4All versions
IbmSystem X3850 X5All versions
IbmSystem X3950 X5All versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-4038?
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.
How severe is CVE-2013-4038?
Severity scoring for CVE-2013-4038 is pending analysis. The EPSS model estimates a 0.79% probability of exploitation in the next 30 days.
How do I fix CVE-2013-4038?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-4038?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST