CVE-2015-1992
https://notcve.org/view.php?id=CVE-2015-1992
IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0, and 6.3.6.0 improperly processes events, which allows local users to gain privileges via unspecified vectors. Vulnerabilidad en IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0 y 6.3.6.0 procesa inadecuadamente eventos, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=nas7d9a0db411a9071e986257e8c0029b365 http://www-01.ibm.com/support/docview.wss?uid=swg1IT08185 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098524 http://www.securitytracker.com/id/1033653 •
CVE-2014-3099
https://notcve.org/view.php?id=CVE-2014-3099
Unspecified vulnerability in the Security component in IBM Systems Director 6.3.0 through 6.3.5 allows local users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en el componente Security en IBM Systems Director 6.3.0 hasta 6.3.5 permite a usuarios locales obtener información sensible a través de vectores desconocidos. • http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas76c9e0fe437973f6c86257d48003b00b9 http://www-01.ibm.com/support/docview.wss?uid=swg1IT04508 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096586 http://www.securityfocus.com/bid/71426 https://exchange.xforce.ibmcloud.com/vulnerabilities/94267 •
CVE-2012-2188
https://notcve.org/view.php?id=CVE-2012-2188
IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character. IBM Power Hardware Management Console (HMC) v7R3.5.0 anteriores a vSP4, v7R7.1.0 y 7R7.2.0 anteriores a v7R7.2.0 SP3, y 7R7.3.0 anteriores a SP2, y Systems Director Management Console (SDMC) v6R7.3.0 anteriores a SP2, no restringe de forma adecuada el comando VIOS viosrvcmd, lo que permite a usuarios locales a obtener privilegios a través de vectores que implican los caracteres (1) $ (signo del dolar) o (2) & (ampersand). • http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825 http://www.ibm.com/support/docview.wss?uid=isg1MB03548 http://www.ibm.com/support/docview.wss?uid=isg1MB03550 http://www.ibm.com/support/docview.wss?uid=isg1MB03554 http://www.ibm.com/support/docview.wss?uid=isg1MB03580 https://exchange.xforce.ibmcloud.com/vulnerabilities/75906 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-2163
https://notcve.org/view.php?id=CVE-2011-2163
Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors. Vulnerabilidad no especificada en Virtualization Manager v1.2.2 en IBM Systems Director v1.2.2, tiene un impacto y vectores de ataque desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=nas7057acf6c8f05fa568625787e0059fb36 http://www.vupen.com/english/advisories/2011/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/67516 •
CVE-2010-4274
https://notcve.org/view.php?id=CVE-2010-4274
reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership. reset_diragent_keys en el agente Common en IBM Systems Director v6.2.0 tiene 754 de permisos, lo que permite a usuarios locales obtener privilegios aprovechando su pertenencia al grupo del sistema • http://secunia.com/advisories/42239 http://securitytracker.com/id?1024736 http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821 http://www.securityfocus.com/bid/44839 http://www.vupen.com/english/advisories/2010/2978 https://exchange.xforce.ibmcloud.com/vulnerabilities/63238 • CWE-264: Permissions, Privileges, and Access Controls •