CVE-2014-0882

MEDIUM

IBM Integrated Management Module Firmware - Authenticated Exposure of Sensitive Information via Service Advisor Data

Title source: llm
STIX 2.1

Description

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC). IBM X-Force ID: 91149.

Scores

CVSS v3 6.5
EPSS 0.0123
EPSS Percentile 65.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (5)
ibm/integrated_management_module_firmware 3.50
ibm/integrated_management_module_firmware 3.55
ibm/integrated_management_module_firmware 3.56
ibm/integrated_management_module_firmware 3.65
ibm/integrated_management_module_firmware 3.67
Published Apr 25, 2018
Tracked Since Feb 18, 2026