NuytsTech Security

CVE-2009-1289

by ·

private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter.

Date published : 2009-04-13

http://www.securityfocus.com/bid/34447

http://www.securityfocus.com/archive/1/502582/100/0/threaded

Tags: