private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2009-04-13 09:30
Updated : 2018-10-10 12:35
NVD link : CVE-2009-1289
Mitre link : CVE-2009-1289
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
ibm
- bladecenter
- advanced_management_module