4 results (0.004 seconds)

CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0

22 Aug 2022 — IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. IBM OPENBMC versiones OP910 y OP940, podrían permitir a un usuario privilegiado cargar un certificado de identidad de sitio inapropiado que podría causar la pérdida de servicios de red. IBM X-Force ID: 207221. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207221 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

04 Feb 2022 — IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047. IBM OPENBMC OP920, OP930 y OP940, podrían permitir a un usuario no autenticado obtener información confidencial. IBM X-Force ID: 212047 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212047 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0

15 Dec 2021 — BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 205267. La configuración del firmware de BMC (IBM Power System S821LC Server (8001-12C) OP825.50) ha cambiado para permitir que un usuario autenticado abra un canal de comunicación no seguro que podría permitir a un atacante conseguir in... • https://exchange.xforce.ibmcloud.com/vulnerabilities/205267 •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

06 Aug 2012 — IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character. IBM Power Hardware Management Console (HMC) v7R3.5.0 anteriores a vSP4, v7R7.1.0 y 7R7.2.0 anteriores a v7R7.2.0 SP3, y 7R7.3.0 anteriores a S... • http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825 • CWE-264: Permissions, Privileges, and Access Controls •