Intrusion Prevention

IBM.BladeCenter.Management.Module.Information.Disclosure

Description

This indicates an attack attempt against an information disclosure vulnerability in IBM bladecenter management module.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL. It allows a remote attacker to steal cookie-based authentication credentials and other information.

Affected Products

IBM IBM BladeCenter Managemet Module BPET48L

Impact

Information disclosure.
Malicious users may be able to bypass certain security restrictions and compromise a vulnerable system.

Recommended Actions

Apply the patch supplied by the vendor.

CVE References

CVE-2010-2656