CVE-2013-4038
Severity CVSS v4.0:
Pending analysis
Type:
CWE-310
Cryptographic Issues
Publication date:
09/08/2013
Last modified:
11/04/2025
Description
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.
Impact
Base Score 2.0
4.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x3200_m3:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x3250_m3:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page