IBM Flex System CMM and IMM2 Modules Information Disclosure Vulnerability


Details

Vulnerable Systems:
 * IBM Flex System CMM version 1.00.0
 * IBM Flex System CMM version 1.20.2
 * IBM Flex System IMM2 version 1.34
 * IBM Flex System IMM2 version 1.45
 * IBM Flex System IMM2 version 1.60

IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS private keys, (4) SNMPv3 communities, and (5) LDAP credentials by leveraging unspecified side effects of service or maintenance activity.

CVE Information:
CVE-2012-4838

Disclosure Timeline:
Published: December 07 2012

Categories: News