CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
41.1%
BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 205267.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | power_hardware_management_console_\(7063-cr1\)_firmware | * | cpe:2.3:o:ibm:power_hardware_management_console_\(7063-cr1\)_firmware:*:*:*:*:*:*:*:* |
ibm | power_hardware_management_console_\(7063-cr1\) | - | cpe:2.3:h:ibm:power_hardware_management_console_\(7063-cr1\):-:*:*:*:*:*:*:* |
ibm | power_system_cs822lc_\(8005-22n\)_firmware | * | cpe:2.3:o:ibm:power_system_cs822lc_\(8005-22n\)_firmware:*:*:*:*:*:*:*:* |
ibm | power_system_cs822lc_\(8005-22n\) | - | cpe:2.3:h:ibm:power_system_cs822lc_\(8005-22n\):-:*:*:*:*:*:*:* |
ibm | power_system_cs821lc_\(8005-12n\)_firmware | * | cpe:2.3:o:ibm:power_system_cs821lc_\(8005-12n\)_firmware:*:*:*:*:*:*:*:* |
ibm | power_system_cs821lc_\(8005-12n\) | - | cpe:2.3:h:ibm:power_system_cs821lc_\(8005-12n\):-:*:*:*:*:*:*:* |
ibm | power_system_s822lc_\(8001-22c\)_firmware | * | cpe:2.3:o:ibm:power_system_s822lc_\(8001-22c\)_firmware:*:*:*:*:*:*:*:* |
ibm | power_system_s822lc_\(8001-22c\) | - | cpe:2.3:h:ibm:power_system_s822lc_\(8001-22c\):-:*:*:*:*:*:*:* |
ibm | power_system_s821lc_\(8001-12c\)_firmware | * | cpe:2.3:o:ibm:power_system_s821lc_\(8001-12c\)_firmware:*:*:*:*:*:*:*:* |
ibm | power_system_s821lc_\(8001-12c\) | - | cpe:2.3:h:ibm:power_system_s821lc_\(8001-12c\):-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
41.1%