APP: IBM BladeCenter Management Module Information Disclosure
This signature detects attempts to exploit a known vulnerability in IBM BladeCenter Management Module. A successful attack can lead to unauthorized information disclosure.
Extended Description
IBM BladeCenter Management Module is prone to multiple cross-site scripting vulnerabilities, a directory-traversal vulnerability and an information-disclosure vulnerability. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, view arbitrary local files and directories within the context of the webserver, and to disclose sensitive information. This may let the attacker steal cookie-based authentication credentials and other information; harvested information may aid in launching further attacks. IBM BladeCenter Management Module BPET48L is affected; other versions may also be vulnerable.
Affected Products
Ibm ibm_bladecenter_managemet_module
Short Name
APP:IBM:BLADECENTER-INFO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
BladeCenter CVE-2010-2656 Disclosure IBM Information Management Module bid:41383
Release Date
06/18/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Ibm
CVSS Score
5.0