Flex System Manager
CVE-2013-5424
MEDIUM
Severity by source
AV:N/AC:M/Au:N/C:P/I:P/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:M/Au:N/C:P/I:P/A:P
Lifecycle Timeline
1DescriptionCVE.org
IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account.
AnalysisAI
IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-264. IBM Flex System Manager (FSM) 1.3.0 allows remote attackers to bypass intended access restrictions, and create new user accounts or execute tasks, by leveraging an expired password for the system-level account. Affected products include: Ibm Flex System Manager.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Flex System Manager
View allIBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unsp
Cross-site scripting (XSS) vulnerability in the web server in IBM Flex System Manager (FSM) 1.1.0 through 1.3 allows rem
The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak
IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sens
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today