6 results (0.013 seconds)

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337. IBM OpenBMC OP910 y OP940 podrían permitir que un usuario privilegiado provoque una Denegación de Servicio (DoS) cargando o eliminando demasiados certificados de CA en un corto período de tiempo. ID de IBM X-Force: 2226337. • https://exchange.xforce.ibmcloud.com/vulnerabilities/226337 https://www.ibm.com/support/pages/node/6840155 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0

IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. IBM OPENBMC versiones OP910 y OP940, podrían permitir a un usuario privilegiado cargar un certificado de identidad de sitio inapropiado que podría causar la pérdida de servicios de red. IBM X-Force ID: 207221. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207221 https://www.ibm.com/support/pages/node/6614233 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047. IBM OPENBMC OP920, OP930 y OP940, podrían permitir a un usuario no autenticado obtener información confidencial. IBM X-Force ID: 212047 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212047 https://www.ibm.com/support/pages/node/6529322 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0

IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process. IBM Power9 Self Boot Engine (SBE), podría permitir a un usuario privilegiado inyectar código malicioso y comprometer la integridad del firmware del host al omitir el proceso de comprobación de la firma del firmware del host • https://exchange.xforce.ibmcloud.com/vulnerabilities/197730 https://www.ibm.com/support/pages/node/6455911 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0

IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702. IBM Open Power versiones de Firmware OP910 y OP920, podrían permitir el acceso a BMC por medio de IPMI usando la contraseña OpenBMC predeterminada incluso después de que la contraseña de BMC fue cambiada alejada de la contraseña predeterminada. ID de IBM X-Force: 158702. • http://www.ibm.com/support/docview.wss?uid=ibm10881209 https://exchange.xforce.ibmcloud.com/vulnerabilities/158702 • CWE-1188: Initialization of a Resource with an Insecure Default •