CVE-2014-4752
CVE-2014-4752 is a critical-severity vulnerability in Ibm System Networking Rackswitch G8332 Firmware with a CVSS 2.0 base score of 10.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Critical (CVSS 2.0 base score 10.0)
- EPSS exploit prediction: 2% (79th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Ibm System Networking Rackswitch G8332 Firmware
- Published:
- Last modified:
Description
IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
Frequently asked questions
- What is CVE-2014-4752?
- IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
- How severe is CVE-2014-4752?
- CVE-2014-4752 has a CVSS 2.0 base score of 10.0, rated critical severity.
- Is CVE-2014-4752 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (79th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2014-4752?
- CVE-2014-4752 primarily affects Ibm System Networking Rackswitch G8332 Firmware. In total, 40 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2014-4752?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2014-4752 published?
- CVE-2014-4752 was published on 2014-09-23 and last updated on 2026-06-17.
References
- http://secunia.com/advisories/54512
- http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096232
Affected products (40)
- cpe:2.3:o:ibm:system_networking_rackswitch__g8332_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8332:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:bladecenter_1g_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter_1g:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8052_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8124_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8124e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8124er_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8264_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8264t_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8316_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8052:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8124:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8124e:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8124er:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8264:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8264t:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8316:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:bladecenter_1\/10g_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter_1\/10g:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:flex_system_interconnect_fabric_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:flex_system_interconnect_fabric:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:bladecenter_1g_l2-7_slb_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter_1g_l2-7_slb:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:bladecenter_10g_vfsm_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:bladecenter_10g_vfsm:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__cn4093_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__en2092_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__en4093_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__en4093r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__g8264cs_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:system_networking_rackswitch__si4093_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__cn4093:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__en2092:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__en4093:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__en4093r:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__g8264cs:-:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:system_networking_rackswitch__si4093:-:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:server_connectivity_module_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:server_connectivity_module:-:*:*:*:*:*:*:*