CVE-2013-4038

Severity CVSS v4.0:
Pending analysis
Type:
CWE-310 Cryptographic Issues
Publication date:
09/08/2013
Last modified:
11/04/2025

Description

The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information by reading a file.

Vulnerable products and versions

CPE From Up to
cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*
cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*
cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*
cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*
cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*
cpe:2.3:h:ibm:flex_system_x220_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:flex_system_x240_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:flex_system_x440_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x_idataplex_dx360_m2_server:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x_idataplex_dx360_m3_server:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x_idataplex_dx360_m4_server:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x3100_m4:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x3200_m3:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x3250_m3:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x3250_m4:-:*:*:*:*:*:*:*