CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2012-3296
https://notcve.org/view.php?id=CVE-2012-3296
17 Aug 2012 — Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el enlace de Ayuda en el panel de inicio de sesión en IBM Power Hardware Management Console (HMC) v7R7.1.0 antes SP4, v7R7.2.0 antes de SP2 y 7R7.3.0 permite a atacantes remoto... • http://secunia.com/advisories/50376 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2188
https://notcve.org/view.php?id=CVE-2012-2188
06 Aug 2012 — IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character. IBM Power Hardware Management Console (HMC) v7R3.5.0 anteriores a vSP4, v7R7.1.0 y 7R7.2.0 anteriores a v7R7.2.0 SP3, y 7R7.3.0 anteriores a S... • http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1806
https://notcve.org/view.php?id=CVE-2009-1806
28 May 2009 — Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.4.0 SP2, when Active Memory Sharing is used, has unknown impact and attack vectors, related to a shared memory partition and a shared memory pool with redundant paging Virtual I/O Server (VIOS) partitions. NOTE: some of these details are obtained from third party information. Vulnerabilidad sin especificar en IBM Hardware Management Console (HMC) 7 release v3.4.0 SP2, cuando la memoria activa compartida es utilizada, tiene un imp... • http://www-1.ibm.com/support/docview.wss?uid=isg1MB03011 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2009-0178
https://notcve.org/view.php?id=CVE-2009-0178
20 Jan 2009 — Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors. Vulnerabilidad no especificada en IBM Hardware Management Console (HMC) 7 release v3.2.0 SP1 tiene un impacto y vectores de ataque desconocidos. • http://osvdb.org/51432 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2008-5035
https://notcve.org/view.php?id=CVE-2008-5035
10 Nov 2008 — The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an invalid length. El demonio de Control y gestión de Recursos (RMC) en la Consola de Gestión de Hardware de IBM (HMC) 7 v3.2.0 SP1 y v3.3.0 SP2 permite a atacantes remotos provocar una denegación de servicio (cuelgue o caída del demonio) a través de un paquete con longitud inválida. • http://secunia.com/advisories/32571 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2008-0495
https://notcve.org/view.php?id=CVE-2008-0495
30 Jan 2008 — Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el servidor Pegasus CIM en IBM Hardware Management Console (HMC) 7 R3.2.0 permite a atacantes remotos provocar una denegación de servicio a través de vectores no especificados. • http://secunia.com/advisories/28667 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2007-6305
https://notcve.org/view.php?id=CVE-2007-6305
10 Dec 2007 — Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands." Múltiples vulnerabilidades no especificadas en IBM Hardware Management Console (HMC) 7 R3.2.0 permite a atacantes obtener privilegios mediante "algunos comandos HMC". • http://secunia.com/advisories/27961 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2007-6293
https://notcve.org/view.php?id=CVE-2007-6293
10 Dec 2007 — Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands." Múltiples vulnerabilidades no especificadas en IBM Hardware Management Console (HMC) 6 R1.3 permiten a atacantes remotos obtener privilegios mediante "algunos comandos HMC". • http://osvdb.org/40946 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6294
https://notcve.org/view.php?id=CVE-2007-6294
10 Dec 2007 — Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands." Múltiples vulnerabilidades no especificadas en IBM Hardware Management Console (HMC) 3 R3.7 permiten a atacantes remotos obtener privilegios mediante "algunos comandos HMC". • http://osvdb.org/41623 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0539
https://notcve.org/view.php?id=CVE-2005-0539
24 Feb 2005 — Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard. • http://secunia.com/advisories/14377 •