Lucene search

K

IbmCVELIST:CVE-2012-2188

HistoryAug 06, 2012 - 4:00 p.m.

CVE-2012-2188

2012-08-0616:00:00

ibm

www.cve.org

4

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

5.1%

IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character.

References

www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825

www.ibm.com/support/docview.wss?uid=isg1MB03548

www.ibm.com/support/docview.wss?uid=isg1MB03550

www.ibm.com/support/docview.wss?uid=isg1MB03554

www.ibm.com/support/docview.wss?uid=isg1MB03580

exchange.xforce.ibmcloud.com/vulnerabilities/75906

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

5.1%

Related for CVELIST:CVE-2012-2188

prion1 nvd1 cve1