CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38280 – IBM Power HMC privilege escalation
https://notcve.org/view.php?id=CVE-2023-38280
IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 260740. IBM HMC (Hardware Management Console) 10.1.1010.0 y 10.2.1030.0 podría permitir a un usuario local escalar sus privilegios al acceso root en un shell restringido. ID de IBM X-Force: 260740. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260740 https://www.ibm.com/support/pages/node/7047713 • CWE-269: Improper Privilege Management •
CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0CVE-2021-29891
https://notcve.org/view.php?id=CVE-2021-29891
IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221. IBM OPENBMC versiones OP910 y OP940, podrían permitir a un usuario privilegiado cargar un certificado de identidad de sitio inapropiado que podría causar la pérdida de servicios de red. IBM X-Force ID: 207221. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207221 https://www.ibm.com/support/pages/node/6614233 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-38960
https://notcve.org/view.php?id=CVE-2021-38960
IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047. IBM OPENBMC OP920, OP930 y OP940, podrían permitir a un usuario no autenticado obtener información confidencial. IBM X-Force ID: 212047 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212047 https://www.ibm.com/support/pages/node/6529322 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0CVE-2021-29847
https://notcve.org/view.php?id=CVE-2021-29847
BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 205267. La configuración del firmware de BMC (IBM Power System S821LC Server (8001-12C) OP825.50) ha cambiado para permitir que un usuario autenticado abra un canal de comunicación no seguro que podría permitir a un atacante conseguir información confidencial usando técnicas de tipo man in the middle. IBM X-Force ID: 205267 • https://exchange.xforce.ibmcloud.com/vulnerabilities/205267 https://www.ibm.com/support/pages/node/6520420 •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29707
https://notcve.org/view.php?id=CVE-2021-29707
IBM HMC (Hardware Management Console) V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879. IBM HMC (Hardware Management Console) versiones V9.1.910.0 y V9.2.950.0, podría permitir a un usuario local escalar sus privilegios hasta el acceso de root en un shell restringido. IBM X-Force ID: 200879 • https://exchange.xforce.ibmcloud.com/vulnerabilities/200879 https://www.ibm.com/support/pages/node/6473347 •