CVE-2012-2187 - OpenCVE

IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Remote Supervisor Adapter Ii Firmware X3650 X3850 X3950

Configuration 1 [-]

AND

OR	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware::::::::
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.0:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.1:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.2:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.3:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.4:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.5:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.6:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.7:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.8:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.9:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.10:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.11:::::::*
	cpe:2.3:a:ibm:remote_supervisor_adapter_ii_firmware:1.12:::::::*

OR	cpe:2.3:h:ibm:x3650::::::::
	cpe:2.3:h:ibm:x3850:m2:::::::*
	cpe:2.3:h:ibm:x3950:m2:::::::*

No data.

References

Link	Providers
http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25
http://www.securityfocus.com/bid/55609
https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=MIGR-5091525

History

No history.

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2012-09-25T20:00:00

Updated: 2024-08-06T19:26:09.355Z

Reserved: 2012-04-04T00:00:00

Link: CVE-2012-2187

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-09-25T20:55:00.877

Modified: 2013-02-12T05:08:29.460

Link: CVE-2012-2187

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object