5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.016 Low
EPSS
Percentile
85.6%
glibc is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.
CVEID: CVE-2014-8121**
DESCRIPTION:** GNU C Library (glibc) is vulnerable to a denial of service, caused by the failure to properly check if a file is open by DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS). By performing a look-up on a database while iterating over it, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102652 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Power HMC V7.3.0.0
Power HMC V7.8.0.0
Power HMC V7.9.0.0
Product
|
VRMF
|
APAR
|
Remediation/Fix
—|—|—|—
Power HMC
|
V8.730.0 SP1
|
MB03965
|
Power HMC
|
V7.780.0 SP2
|
MB03965
|
Power HMC
|
V7.790.0 SP2
|
MB03966
|
None
CPE | Name | Operator | Version |
---|---|---|---|
power system hardware management console physical appliance | eq | any |