Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-5423 | 1 Ibm | 1 Flex System Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors. | |||||
CVE-2014-0897 | 1 Ibm | 1 Flex System Manager | 2024-02-04 | 3.5 LOW | N/A |
The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors. | |||||
CVE-2014-6147 | 1 Ibm | 1 Flex System Manager | 2024-02-04 | 2.1 LOW | N/A |
IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors. | |||||
CVE-2013-5424 | 1 Ibm | 1 Flex System Manager | 2024-02-04 | 6.8 MEDIUM | N/A |
IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account. | |||||
CVE-2013-5438 | 1 Ibm | 1 Flex System Manager | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the web server in IBM Flex System Manager (FSM) 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |