Lucene search

China National Vulnerability DatabaseCNVD-2024-09947

HistoryFeb 22, 2024 - 12:00 a.m.

IBM PowerSC Authentication Error Vulnerability

2024-02-2200:00:00

China National Vulnerability Database

www.cnvd.org.cn

ibm

powersc

authentication

vulnerability

single-factor

risk

compromise

servers

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

10.6%

JSON

IBM PowerSC is an International Business Machines (IBM) security and compliance solution for IBM Power Systems servers. IBM PowerSC has an Authentication Error Vulnerability vulnerability that stems from the use of single-factor authentication, which can be exploited by an attacker to cause a risk of compromise.

CPENameOperatorVersion
ibm powersceq1.3
ibm powersceq2.0
ibm powersceq2.1

Name	Operator	Version
ibm powersc	eq	1.3
ibm powersc	eq	2.0
ibm powersc	eq	2.1

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

10.6%

JSON

Related for CNVD-2024-09947