cvedb.io
CVE-2017-3774
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-04-19T14:29:00.357 · Last modified 2026-06-17T01:18:54.717

Summary

A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption.

Affected products

lenovo — integrated_management_module_2

Does this affect you?

Add your gear to cvedb and we'll alert you only when lenovo ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.