210 matches found
CVE-2020-14156
userchannel/passwdmgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions...
CVE-2020-14156
userchannel/passwdmgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions...
Design/Logic Flaw
userchannel/passwdmgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions...
CVE-2020-14156
The CVE-2020-14156 issue affects OpenBMC phosphor-host-ipmid prior to 2020-04-03, where user_channel/passwd_mgr.cpp failed to ensure strong permissions on /etc/ipmi-pass. This allowed an attacker to read credentials and potentially escalate privileges to IPMI users. Reported in multiple sources (...
CVE-2020-14156
userchannel/passwdmgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions...
CVE-2019-4169
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702...
CVE-2019-4169
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702...
CVE-2019-4169
CVE-2019-4169 affects IBM Open Power Firmware OP910 and OP920. The issue allows BMC access via IPMI using the default OpenBMC password even after the BMC password has been changed. IBM’s bulletin confirms affected Power9 OpenPOWER releases OP910 and OP920 and provides remediation: OP910 users sho...
CVE-2019-4169
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702...
The vulnerability of the software for OpenBMC controllers, related to access control errors, allows a perpetrator to execute malicious code, read and write arbitrary data, modify configuration settings, or cause service failures.
The vulnerability of the software for OpenBMC controllers is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute malicious code, read and write arbitrary data, modify configuration settings, or cause service failures...