Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Power Hardware Management Console Security Vulnerabilities

cve
cve

CVE-2023-38280

IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: ...

8.4CVSS

7.4AI Score

0.0004EPSS

2023-10-16 02:15 AM
64
cve
cve

CVE-2021-29891

IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID:...

4.9CVSS

4.9AI Score

0.001EPSS

2022-08-22 08:15 PM
38
5
cve
cve

CVE-2021-38960

IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID:...

7.5CVSS

7.2AI Score

0.001EPSS

2022-02-04 11:15 PM
35
cve
cve

CVE-2021-29847

BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID:...

5.9CVSS

5.2AI Score

0.001EPSS

2021-12-15 08:15 PM
14
cve
cve

CVE-2021-29707

IBM HMC (Hardware Management Console) V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID:...

7.8CVSS

7.4AI Score

0.0004EPSS

2021-07-19 04:15 PM
22
3
cve
cve

CVE-2014-0883

IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

6.1CVSS

5.8AI Score

0.001EPSS

2018-04-20 09:29 PM
21
cve
cve

CVE-2016-5011

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero...

4.6CVSS

4.5AI Score

0.002EPSS

2017-04-11 03:59 PM
299
4
cve
cve

CVE-2017-1134

IBM Reliable Scalable Cluster Technology could allow a local user to escalate their privileges to gain root access. IBM Reference #:...

7.8CVSS

7.8AI Score

0.0004EPSS

2017-03-20 04:59 PM
25
cve
cve

CVE-2012-3296

Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.7AI Score

0.004EPSS

2012-08-17 08:55 PM
17
cve
cve

CVE-2012-2188

IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via.....

6.5AI Score

0.0004EPSS

2012-08-06 04:55 PM
17