CVE-2014-0897

EUVD-2014-0927
The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
ibmflex_system_manager
1.2.0
ibmflex_system_manager
1.2.1
ibmflex_system_manager
1.3.0
ibmflex_system_manager
1.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT03824
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153
https://exchange.xforce.ibmcloud.com/vulnerabilities/91395
http://www-01.ibm.com/support/docview.wss?uid=swg1IT03824
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096153
https://exchange.xforce.ibmcloud.com/vulnerabilities/91395