Details of VAR-201504-0451

ID

VAR-201504-0451

CVE

CVE-2015-3324

TITLE

plural ThinkServer for ThinkServer System Manager Baseboard Management Controller Vulnerable to server impersonation

Trust: 0.8

sources: JVNDB: JVNDB-2015-002389

DESCRIPTION

The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers. Lenovo ThinkServer System Manager is prone to a security-bypass vulnerability. Attackers can exploit this issue through man-in-the-middle attacks to gain access to sensitive information, which may lead to further attacks. Lenovo ThinkServer System Manager (TSM) Baseboard Management Controller (BMC) for ThinkServer RD350, etc. is a controller embedded in the hardware devices of ThinkServer RD350 and other servers from China Lenovo to manage and monitor server status. There is a security vulnerability in the TSM BMC of several Lenovo ThinkServer products using firmware versions earlier than 1.27.73476. An attacker can use this vulnerability to implement a man-in-the-middle attack to deceive the server. The following products are affected: ThinkServer RD350, RD450, RD550, RD650, TD350

Trust: 1.98

sources: NVD: CVE-2015-3324 // JVNDB: JVNDB-2015-002389 // BID: 74199 // VULHUB: VHN-81285

AFFECTED PRODUCTS

vendor:	lenovo	model:	thinkserver system manager baseboard management controller	scope:	eq	version:	118.71532	Trust: 1.6
vendor:	lenovo	model:	thinkserver td350	scope:	-	version:	-	Trust: 1.1
vendor:	lenovo	model:	thinkserver rd650	scope:	-	version:	-	Trust: 1.1
vendor:	lenovo	model:	thinkserver rd550	scope:	-	version:	-	Trust: 1.1
vendor:	lenovo	model:	thinkserver rd450	scope:	-	version:	-	Trust: 1.1
vendor:	lenovo	model:	thinkserver rd350	scope:	-	version:	-	Trust: 1.1
vendor:	lenovo	model:	thinkserver system manager baseboard management controller	scope:	lt	version:	1.27.73476	Trust: 0.8
vendor:	lenovo	model:	thinkserver system manager	scope:	eq	version:	0	Trust: 0.3
vendor:	lenovo	model:	thinkserver system manager	scope:	ne	version:	1.27.73476	Trust: 0.3

sources: BID: 74199 // JVNDB: JVNDB-2015-002389 // CNNVD: CNNVD-201504-373 // NVD: CVE-2015-3324

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3324
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3324
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201504-373
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81285
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3324
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-81285
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-81285 // JVNDB: JVNDB-2015-002389 // CNNVD: CNNVD-201504-373 // NVD: CVE-2015-3324

PROBLEMTYPE DATA

problemtype:

CWE-310

Trust: 1.9

sources: VULHUB: VHN-81285 // JVNDB: JVNDB-2015-002389 // NVD: CVE-2015-3324

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201504-373

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201504-373

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-002389

PATCH

title:	LEN-2015-024	url:	http://support.lenovo.com/us/en/product_security/tsm_weak_pw	Trust: 0.8
title:	tsm_v127-73476	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55053	Trust: 0.6

sources: JVNDB: JVNDB-2015-002389 // CNNVD: CNNVD-201504-373

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3324	Trust: 2.8
db:	BID	id:	74199	Trust: 1.4
db:	JVNDB	id:	JVNDB-2015-002389	Trust: 0.8
db:	CNNVD	id:	CNNVD-201504-373	Trust: 0.7
db:	VULHUB	id:	VHN-81285	Trust: 0.1

sources: VULHUB: VHN-81285 // BID: 74199 // JVNDB: JVNDB-2015-002389 // CNNVD: CNNVD-201504-373 // NVD: CVE-2015-3324

REFERENCES

url:	http://support.lenovo.com/us/en/product_security/tsm_weak_pw	Trust: 2.0
url:	http://www.securityfocus.com/bid/74199	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3324	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3324	Trust: 0.8
url:	http://www.lenovo.com/ca/en/	Trust: 0.3

sources: VULHUB: VHN-81285 // BID: 74199 // JVNDB: JVNDB-2015-002389 // CNNVD: CNNVD-201504-373 // NVD: CVE-2015-3324

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 74199

SOURCES

db:	VULHUB	id:	VHN-81285
db:	BID	id:	74199
db:	JVNDB	id:	JVNDB-2015-002389
db:	CNNVD	id:	CNNVD-201504-373
db:	NVD	id:	CVE-2015-3324

LAST UPDATE DATE

2024-11-23T23:09:15.665000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-81285	date:	2016-12-06T00:00:00
db:	BID	id:	74199	date:	2015-03-24T00:00:00
db:	JVNDB	id:	JVNDB-2015-002389	date:	2015-04-21T00:00:00
db:	CNNVD	id:	CNNVD-201504-373	date:	2015-04-17T00:00:00
db:	NVD	id:	CVE-2015-3324	date:	2024-11-21T02:29:09.820

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-81285	date:	2015-04-16T00:00:00
db:	BID	id:	74199	date:	2015-03-24T00:00:00
db:	JVNDB	id:	JVNDB-2015-002389	date:	2015-04-21T00:00:00
db:	CNNVD	id:	CNNVD-201504-373	date:	2015-04-17T00:00:00
db:	NVD	id:	CVE-2015-3324	date:	2015-04-16T23:59:05.540