Security AppScan Report HTTP.SYS Remote Code Execution on IMM2

Troubleshooting

Problem

When users scan the Integrated Management Module II (IMM2) with IBM Security AppScan, it reports the following message: HTTP.sys Remote Code Execution

Resolving The Problem

Source

RETAIN tip: H214777

Symptom

When users scan the Integrated Management Module II (IMM2) with Security AppScan, it reports the following message:

	HTTP.sys Remote Code Execution

Affected configurations

The system can be any of the following servers:

System x3500 M5, type 5464, any model

This tip is not software specific.

This tip is not option specific.

The following system firmware level is affected: IMM2 Build ID TCOO09G

Additional information

HTTP.sys Remote Code Execution is a security vulnerability that affects Microsoft Windows Internet Information Server (IIS). IMM2 does not have this vulnerability because IMM2 Web service is not using Microsoft Windows Internet Information Server.

Document Location

Worldwide

Operating System

Lenovo x86 servers:Operating system independent / None

[{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QUOFI3C","label":"Lenovo x86 servers->Lenovo System x3500 M5->5464"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}}]

Tips

Security AppScan Report HTTP.SYS Remote Code Execution on IMM2 - Lenovo System x3500 (5464)

Troubleshooting

Problem

Resolving The Problem

Source

Symptom

Affected configurations

Additional information

Document Location

Operating System

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?