CVE-2014-4750

EUVD-2014-4669
IBM PowerVC Express Edition 1.2.0 before FixPack3 establishes an FTP session for transferring files to a managed IVM, which allows remote attackers to discover credentials by sniffing the network.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.9 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
ibmpowervc
1.2.0.0
ibmpowervc
1.2.0.1
ibmpowervc
1.2.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020223
http://www.securityfocus.com/bid/69299
https://exchange.xforce.ibmcloud.com/vulnerabilities/94352
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020223
http://www.securityfocus.com/bid/69299
https://exchange.xforce.ibmcloud.com/vulnerabilities/94352