CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22309
https://notcve.org/view.php?id=CVE-2022-22309
24 May 2022 — The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095. El FSP de los sistemas POWER es vulnerable a los inicios de sesión no autenticados mediante el puerto serie/interfaz TTY. Esta vulnerabilidad puede ser más crítica si el puerto serie está conectado a un dispositivo serial-over-lan. • https://exchange.xforce.ibmcloud.com/vulnerabilities/217095 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.9EPSS: 0%CPEs: 22EXPL: 0CVE-2018-1992
https://notcve.org/view.php?id=CVE-2018-1992
21 Mar 2019 — The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instr... • https://exchange.xforce.ibmcloud.com/vulnerabilities/154345 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •