5 results (0.002 seconds)

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337. IBM OpenBMC OP910 y OP940 podrían permitir que un usuario privilegiado provoque una Denegación de Servicio (DoS) cargando o eliminando demasiados certificados de CA en un corto período de tiempo. ID de IBM X-Force: 2226337. • https://exchange.xforce.ibmcloud.com/vulnerabilities/226337 https://www.ibm.com/support/pages/node/6840155 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0

IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. IBM OPENBMC versiones OP910 y OP940, podrían permitir a un usuario privilegiado cargar un certificado de identidad de sitio inapropiado que podría causar la pérdida de servicios de red. IBM X-Force ID: 207221. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207221 https://www.ibm.com/support/pages/node/6614233 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047. IBM OPENBMC OP920, OP930 y OP940, podrían permitir a un usuario no autenticado obtener información confidencial. IBM X-Force ID: 212047 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212047 https://www.ibm.com/support/pages/node/6529322 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0

IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702. IBM Open Power versiones de Firmware OP910 y OP920, podrían permitir el acceso a BMC por medio de IPMI usando la contraseña OpenBMC predeterminada incluso después de que la contraseña de BMC fue cambiada alejada de la contraseña predeterminada. ID de IBM X-Force: 158702. • http://www.ibm.com/support/docview.wss?uid=ibm10881209 https://exchange.xforce.ibmcloud.com/vulnerabilities/158702 • CWE-1188: Initialization of a Resource with an Insecure Default •

CVSS: 6.9EPSS: 0%CPEs: 22EXPL: 0

The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345. El bootloader del firmware de arranque de IBM Power 9 OP910, OP920 y FW910 es responsable de cargar y validar la imagen de firmware de arranque inicial que inicializa el resto del hardware del sistema. El firmware del bootloader contiene una vulnerabilidad de desbordamiento de búfer por la que, si un atacante pudiese reemplazar la imagen de firmware de arranque inicial por un reemplazo cuidadosamente manipulado y lo suficientemente grande, podría provocar que el bootloader sobrescriba su propia memoria de instrucción durante la carga de dicha imagen y omita las protecciones de arranque seguras, instale troyanos, etc. • https://exchange.xforce.ibmcloud.com/vulnerabilities/154345 https://www.ibm.com/support/docview.wss?uid=ibm10868992 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •