Lucene search

IbmCVELIST:CVE-2019-4169

HistoryAug 16, 2019 - 12:00 a.m.

CVE-2019-4169

2019-08-1600:00:00

ibm

www.cve.org

8.1 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.9%

JSON

IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702.

CNA Affected

[
  {
    "product": "P9 OpenPOWER",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "OP920"
      }
    ]
  },
  {
    "product": "P9 OpenPower",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "OP910"
      }
    ]
  }
]

References

www.ibm.com/support/docview.wss?uid=ibm10881209

exchange.xforce.ibmcloud.com/vulnerabilities/158702

8.1 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.9%

JSON

Related for CVELIST:CVE-2019-4169