Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) logs or (2) core files via direct requests, as demonstrated by a request for private/sdc.tgz.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM BladeCenter 固件BPET48L权限许可和访问控制漏洞
Vulnerability Description
具有高级管理模块(AMM)固件BPET48L,可能还有4.7之前版本以及5.0版本的IBM BladeCenter 在web根目录下存储着敏感信息而没有经过充分的访问控制限制,远程攻击者可以通过直接请求下载(1)日志或者(2)核心文件。
CVSS Information
N/A
Vulnerability Type
N/A