Lucene search

IBM99E23796B7739ABB45B57FD7B94AD1121E071657477AD076EFC98867DB2226BE

HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerabilities in openssh affect Power Hardware Management Console (CVE-2016-0777, CVE-2016-0778)

2021-09-2301:31:39

www.ibm.com

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

67.0%

JSON

Summary

OpenSSH is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2016-0777**
DESCRIPTION:** OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client information leak from using the roaming connection feature. By persuading a victim to connect to a malicious server, an attacker could exploit this vulnerability to retrieve private cryptographic keys or other sensitive information.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109635 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)

CVEID: CVE-2016-0778**
DESCRIPTION:** OpenSSH is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the packet_write_wait() and ssh_packet_write_wait() API functions when two non-default options: a ProxyCommand and either ForwardAgent or ForwardX11are used. By persuading a victim to connect to a malicious server, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109636 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)

Affected Products and Versions

Power HMC V7.3.0.0
Power HMC V7.9.0.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Power HMC V8.3.0.0
Power HMC V8.4.0.0

Remediation/Fixes

Product

VRMF

APAR

Remediation/Fix

—|—|—|—

Power HMC

V7.7.3.0 SP7

MB03733

Apply eFix MH01604

Power HMC

V7.7.9.0 SP3

MB03737

Apply eFix MH01605

Power HMC

V8.8.1.0 SP3

MB03738

Apply eFix MH01606

Power HMC

V8.8.2.0 SP2

MB03739

Apply eFix MH01607

Power HMC

V8.8.3.0 SP1

MB03744

Apply eFix MH01608

Power HMC

V8.8.4.0

MB03746

Apply eFix MH01609

Workarounds and Mitigations

None

CPENameOperatorVersion
power system hardware management console physical applianceeqany

CPE	Name	Operator	Version
	power system hardware management console physical appliance	eq	any

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

67.0%

JSON

Related for 99E23796B7739ABB45B57FD7B94AD1121E071657477AD076EFC98867DB2226BE