var-201209-0571
Vulnerability from variot
IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. IBM Remote Supervisor Adapter II is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Attackers can exploit this vulnerability to break through the encryption protection mechanism through unknown vectors
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0571",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "remote supervisor adapter ii",
"scope": "lte",
"trust": 1.8,
"vendor": "ibm",
"version": "1.13"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.8"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.10"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.12"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.9"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.11"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.6"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.7"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.5"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.3"
},
{
"model": "system x3650",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "system x3850",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "m2"
},
{
"model": "system x3950",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "m2"
},
{
"model": "remote supervisor adapter ii",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.13"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:ibm:x3650",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:ibm:x3850",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:ibm:x3950",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:remote_supervisor_adapter_ii_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Michigan and UC San Diego",
"sources": [
{
"db": "BID",
"id": "55609"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2187",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2012-2187",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-55468",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2187",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-2187",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-539",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55468",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. IBM Remote Supervisor Adapter II is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Attackers can exploit this vulnerability to break through the encryption protection mechanism through unknown vectors",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2187"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "VULHUB",
"id": "VHN-55468"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2187",
"trust": 2.8
},
{
"db": "BID",
"id": "55609",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-55468",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"id": "VAR-201209-0571",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:10:01.391000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Weak Key Vulnerability in Remote Supervisor Adapter II firmware (CVE-2012-2187)",
"trust": 0.8,
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
},
{
"title": "ibm_fw_rsa2_a3ep47a_linux_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44994"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_weak_key_vulnerability_in_remote_supervisor_adapter_ii_firmware_cve_2012_2187_ibm_system_x3650_system_x3850_m2_system_x3950_m25"
},
{
"trust": 1.7,
"url": "https://www-947.ibm.com/support/entry/myportal/docdisplay?lndocid=migr-5091525"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/55609"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2187"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2187"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55468"
},
{
"db": "BID",
"id": "55609"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-55468"
},
{
"date": "2012-09-17T00:00:00",
"db": "BID",
"id": "55609"
},
{
"date": "2012-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"date": "2012-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"date": "2012-09-25T20:55:00.877000",
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55468"
},
{
"date": "2012-10-19T15:30:00",
"db": "BID",
"id": "55609"
},
{
"date": "2012-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004588"
},
{
"date": "2012-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-539"
},
{
"date": "2024-11-21T01:38:40.363000",
"db": "NVD",
"id": "CVE-2012-2187"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural IBM For product IBM Remote Supervisor Adapter II Vulnerability that breaks cryptographic protection mechanisms in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004588"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-539"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…