ID
VAR-E-201408-0093
CVE
| cve_id: | CVE-2014-4752 | Trust: 0.3 |
TITLE
Multiple IBM System Networking Products Hard Coded Credentials Authentication Bypass Vulnerability
Trust: 0.3
DESCRIPTION
Multiple IBM System Networking Products are prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access to the affected device. This may aid in further attacks.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | ibm | model: | system networking rackswitch g8332 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8316 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8264cs | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8264-t | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8264 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8124-er | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8124-e | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8124 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8052 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8000 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | server connectivity module | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system interconnect fabric | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric si4093 system interconnect module | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric en4093r 10gb scalable switch | scope: | eq | version: | 7.8.4.0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric en4093 10gb scalable switch | scope: | eq | version: | 7.8.4.0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric cn4093 10gb converged scalable switch | scope: | eq | version: | 7.8.4.0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system en2092 1gb ethernet scalable switch | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | 1g switch for bladecenter | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | 10g vfsm for bladecenter | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | 1:10g switch for bladecenter | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8332 | scope: | ne | version: | 7.7.170 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8316 | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8264cs | scope: | ne | version: | 7.8.60 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8264-t | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8264 | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8124-er | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8124-e | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8124 | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8052 | scope: | ne | version: | 7.9.100 | Trust: 0.3 |
| vendor: | ibm | model: | system networking rackswitch g8000 | scope: | ne | version: | 7.1.70 | Trust: 0.3 |
| vendor: | ibm | model: | server connectivity module | scope: | ne | version: | 1.1.34 | Trust: 0.3 |
| vendor: | ibm | model: | flex system interconnect fabric | scope: | ne | version: | 21.0.210 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric si4093 system interconnect module | scope: | ne | version: | 7.8.60 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric en4093r 10gb scalable switch | scope: | ne | version: | 7.8.6.0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system fabric en4093 10gb scalable switch | scope: | ne | version: | 7.8.6.0 | Trust: 0.3 |
| vendor: | ibm | model: | flex system en2092 1gb ethernet scalable switch | scope: | ne | version: | 7.8.60 | Trust: 0.3 |
| vendor: | ibm | model: | 1g switch for bladecenter | scope: | ne | version: | 5.3.50 | Trust: 0.3 |
| vendor: | ibm | model: | 10g vfsm for bladecenter | scope: | ne | version: | 7.8.140 | Trust: 0.3 |
| vendor: | ibm | model: | 1:10g switch for bladecenter | scope: | ne | version: | 7.4.80 | Trust: 0.3 |
EXPLOIT
Attackers can exploit this issue using readily available utilities.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Design Error
Trust: 0.3
CREDITS
IBM
Trust: 0.3
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-4752 | Trust: 0.3 |
| db: | BID | id: | 69968 | Trust: 0.3 |
REFERENCES
| url: | http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096232 | Trust: 0.3 |
| url: | http://www.ibm.com | Trust: 0.3 |
SOURCES
| db: | BID | id: | 69968 |
LAST UPDATE DATE
2022-07-27T09:35:24.603000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 69968 | date: | 2014-08-07T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 69968 | date: | 2014-08-07T00:00:00 |