Lucene search

[email protected]CVE-2016-0230

HistoryJul 07, 2016 - 2:59 p.m.

CVE-2016-0230

2016-07-0714:59:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

power hardware management console

hmc

cve-2016-0230

root access

security vulnerability

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.8%

JSON

IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate attackers to obtain root access via unspecified vectors.

CPENameOperatorVersion
ibm:hardware_management_consoleibm hardware management consoleeq7.9.0
ibm:hardware_management_consoleibm hardware management consoleeq8.1.0
ibm:hardware_management_consoleibm hardware management consoleeq8.2.0
ibm:hardware_management_consoleibm hardware management consoleeq8.3.0
ibm:hardware_management_consoleibm hardware management consoleeq7.3.0
ibm:hardware_management_consoleibm hardware management consoleeq8.4.0
ibm:hardware_management_consoleibm hardware management consoleeq8.5.0

CPE	Name	Operator	Version
ibm:hardware_management_console	ibm hardware management console	eq	7.9.0
ibm:hardware_management_console	ibm hardware management console	eq	8.1.0
ibm:hardware_management_console	ibm hardware management console	eq	8.2.0
ibm:hardware_management_console	ibm hardware management console	eq	8.3.0
ibm:hardware_management_console	ibm hardware management console	eq	7.3.0
ibm:hardware_management_console	ibm hardware management console	eq	8.4.0
ibm:hardware_management_console	ibm hardware management console	eq	8.5.0

References

www-01.ibm.com/support/docview.wss?uid=nas8N1021387

www-01.ibm.com/support/docview.wss?uid=swg1MB04021

www-01.ibm.com/support/docview.wss?uid=swg1MB04022

www-01.ibm.com/support/docview.wss?uid=swg1MB04023

www-01.ibm.com/support/docview.wss?uid=swg1MB04024

www-01.ibm.com/support/docview.wss?uid=swg1MB04025

www-01.ibm.com/support/docview.wss?uid=swg1MB04026

www-01.ibm.com/support/docview.wss?uid=swg1MB04027

www.securityfocus.com/bid/91535

delivery04.dhe.ibm.com/sar/CMA/HMA/069vc/2/MH01635.readme.html

delivery04.dhe.ibm.com/sar/CMA/HMA/069y2/1/MH01636.readme.html

delivery04.dhe.ibm.com/sar/CMA/HMA/06a1r/2/MH01638.readme.html

delivery04.dhe.ibm.com/sar/CMA/HMA/06a1v/2/MH01639.readme.html

delivery04.dhe.ibm.com/sar/CMA/HMA/06a2q/1/MH01640.readme.html

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.8%

JSON

Related for CVE-2016-0230

cvelist1 prion1