First published: Wed Jul 07 2010(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allow remote attackers to inject arbitrary web script or HTML via the (1) INDEX or (2) IPADDR parameter to private/cindefn.php, (3) the domain parameter to private/power_management_policy_options.php, the slot parameter to (4) private/pm_temp.php or (5) private/power_module.php, (6) the WEBINDEX parameter to private/blade_leds.php, or (7) the SLOT parameter to private/ipmi_bladestatus.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ibm Advanced Management Module | <=2.48 | |
Ibm Advanced Management Module | <=3.54 | |
Ibm Advanced Management Module | =1.00 | |
Ibm Advanced Management Module | =1.01 | |
Ibm Advanced Management Module | =1.20 | |
Ibm Advanced Management Module | =1.20-f | |
Ibm Advanced Management Module | =1.25 | |
Ibm Advanced Management Module | =1.25-e | |
Ibm Advanced Management Module | =1.25-i | |
Ibm Advanced Management Module | =1.26-b | |
Ibm Advanced Management Module | =1.26-e | |
Ibm Advanced Management Module | =1.26-h | |
Ibm Advanced Management Module | =1.26-i | |
Ibm Advanced Management Module | =1.26-k | |
Ibm Advanced Management Module | =1.28-g | |
Ibm Advanced Management Module | =1.32-d | |
Ibm Advanced Management Module | =1.34-b | |
Ibm Advanced Management Module | =1.34-e | |
Ibm Advanced Management Module | =1.36-d | |
Ibm Advanced Management Module | =1.36-g | |
Ibm Advanced Management Module | =1.36-h | |
Ibm Advanced Management Module | =1.36-k | |
Ibm Advanced Management Module | =1.42-d | |
Ibm Advanced Management Module | =1.42-f | |
Ibm Advanced Management Module | =1.42-i | |
Ibm Advanced Management Module | =1.42-n | |
Ibm Advanced Management Module | =1.42-o | |
Ibm Advanced Management Module | =1.42-t | |
Ibm Advanced Management Module | =2.46-c | |
Ibm Advanced Management Module | =2.46-j | |
Ibm Advanced Management Module | =2.48-c | |
Ibm Advanced Management Module | =2.48-d | |
Ibm Advanced Management Module | =2.48-g | |
Ibm Advanced Management Module | =2.48-n | |
Ibm Advanced Management Module | =2.50-c | |
Ibm Advanced Management Module | =2.50-g | |
Ibm Advanced Management Module | =2.50-k | |
Ibm Advanced Management Module | =2.50-p | |
Ibm Advanced Management Module | =3.54-d | |
IBM BladeCenter |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.