CVE-2014-4752

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
ibmsystem_networking_rackswitch__g8332_firmware
𝑥
≤ 7.7.16.0
ibmsystem_networking_rackswitch__g8332
-
ibmbladecenter_1g_firmware
𝑥
≤ 5.3.4.0
ibmbladecenter_1g
-
ibmsystem_networking_rackswitch__g8052_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8124_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8124e_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8124er_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8264_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8264t_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8316_firmware
𝑥
≤ 7.9.1.0
ibmsystem_networking_rackswitch__g8052
-
ibmsystem_networking_rackswitch__g8124
-
ibmsystem_networking_rackswitch__g8124e
-
ibmsystem_networking_rackswitch__g8124er
-
ibmsystem_networking_rackswitch__g8264
-
ibmsystem_networking_rackswitch__g8264t
-
ibmsystem_networking_rackswitch__g8316
-
ibmbladecenter_1\/10g_firmware
𝑥
≤ 7.4.7.0
ibmbladecenter_1\/10g
-
ibmflex_system_interconnect_fabric_firmware
𝑥
≤ 7.8.5.0
ibmflex_system_interconnect_fabric
-
ibmbladecenter_1g_l2-7_slb_firmware
𝑥
≤ 21.0.20.0
ibmbladecenter_1g_l2-7_slb
-
ibmsystem_networking_rackswitch__g8332_firmware
𝑥
≤ 7.1.6.0
ibmsystem_networking_rackswitch__g8332
-
ibmbladecenter_10g_vfsm_firmware
𝑥
≤ 7.8.6.0
ibmbladecenter_10g_vfsm
-
ibmsystem_networking_rackswitch__cn4093_firmware
𝑥
≤ 7.8.5.0
ibmsystem_networking_rackswitch__en2092_firmware
𝑥
≤ 7.8.5.0
ibmsystem_networking_rackswitch__en4093_firmware
𝑥
≤ 7.8.5.0
ibmsystem_networking_rackswitch__en4093r_firmware
𝑥
≤ 7.8.5.0
ibmsystem_networking_rackswitch__g8264cs_firmware
𝑥
≤ 7.8.5.0
ibmsystem_networking_rackswitch__si4093_firmware
𝑥
≤ 7.8.5.0
ibmsystem_networking_rackswitch__cn4093
-
ibmsystem_networking_rackswitch__en2092
-
ibmsystem_networking_rackswitch__en4093
-
ibmsystem_networking_rackswitch__en4093r
-
ibmsystem_networking_rackswitch__g8264cs
-
ibmsystem_networking_rackswitch__si4093
-
ibmserver_connectivity_module_firmware
𝑥
≤ 1.1.3.0
ibmserver_connectivity_module
-
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/54512
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096232
http://secunia.com/advisories/54512
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096232