Lucene search
K

153 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:9 a.m.8 views

CVE-2023-50326

IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107...

7.5CVSS6.5AI score0.00663EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:9 a.m.6 views

CVE-2023-50933

IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113...

6.1CVSS6.6AI score0.00409EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:8 a.m.6 views

CVE-2023-50934

IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114...

5.3CVSS6.5AI score0.0044EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:8 a.m.4 views

CVE-2023-50327

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5.3CVSS6.5AI score0.00492EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:21 a.m.56 views

Security Bulletin: Multiple vulnerabilities affect PowerSC and PowerSC MFA

Summary There are multiple vulnerabilities in PowerSC and PowerSC MFA. Vulnerability Details CVEID:CVE-2023-50939 DESCRIPTION: IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID:...

9.8CVSS7AI score0.00663EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/04 10:17 p.m.22 views

Security Bulletin: PowerSC is vulnerable to information disclosure, denial of service, and security restrictions bypass due to Curl

Summary Vulnerabilities in Curl could allow a local attacker to obtain sensitive information CVE-2024-7264 or a remote attacker to cause a denial of service CVE-2024-6197, CVE-2024-37371 or bypass security restrictions CVE-2024-37370. PowerSC uses Curl as part of PowerSC Trusted Network Connect...

9.1CVSS7.5AI score0.17301EPSS
Exploits2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.7 views

The vulnerability of software for managing and securing environments on IBM Power Systems, IBM PowerSC, arises from the use of an untrusted interdomain policy file. This allows attackers to perform privileged actions and extract confidential information.

The vulnerability of the IBM PowerSC microprocessor architecture is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows attackers to perform privileged actions and extract confidential information...

5.3CVSS7.7AI score0.00456EPSS
Exploits0References5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 7:4 p.m.28 views

Security Bulletin: PowerSC is vulnerable to security restrictions bypass and denial of service due to Curl

Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions CVE-2024-2466, CVE-2024-2004, CVE-2024-2379 or cause a denial of service CVE-2024-2398. PowerSC uses Curl as part of PowerSC Trusted Network Connect TNC. Vulnerability Details CVEID:CVE-2024-2466...

8.6CVSS7.4AI score0.36081EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/20 6:41 p.m.45 views

Security Bulletin: PowerSC is vulnerable to security restrictions bypass due to Curl (CVE-2023-46218, CVE-2023-46219, CVE-2024-0853)

Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions CVE-2023-46218, CVE-2023-46219, CVE-2024-0853. PowerSC uses Curl as part of PowerSC Trusted Network Connect TNC. Vulnerability Details CVEID:CVE-2023-46218 DESCRIPTION: cURL libcurl could allow a remote...

6.5CVSS6.6AI score0.01685EPSS
Exploits3Affected Software1
CNVD
CNVD
added 2024/02/23 12:0 a.m.16 views

IBM PowerSC Information Disclosure Vulnerability (CNVD-2024-09941)

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC that stems from MFA not implementing the HSTS security policy mechanism, which can be exploited by an attacker to cau...

7.5CVSS6.3AI score0.00318EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/23 12:0 a.m.9 views

IBM PowerSC Clickjacking Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from a clickjacking vulnerability that can be exploited by an attacker to hijack a victim's click-to-operate and launch further attacks against the victim...

6.5CVSS6.6AI score0.00401EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.6 views

IBM PowerSC Session Fixation Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from a session fixation vulnerability that stems from the failure to provide logout functionality, which could be exploited by an attacker to gain access to...

6.3CVSS6.8AI score0.00285EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.6 views

IBM PowerSC Forced Browsing Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC has a forced browsing vulnerability vulnerability that stems from not properly restricting access to URLs or resources, which can be exploited by an attacker to gain...

6.5CVSS6.8AI score0.00407EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.15 views

IBM PowerSC Information Disclosure Vulnerability (CNVD-2024-09949)

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC, which can be exploited by an attacker to view session identifiers passed via URL query strings...

5.3CVSS6.2AI score0.00532EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.17 views

IBM PowerSC Information Disclosure Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an information disclosure vulnerability vulnerability that stems from not using proper account lockout settings, which can be exploited by an attacker to...

7.5CVSS6.3AI score0.00663EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.13 views

IBM PowerSC Cross-Site Scripting Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from a cross-site scripting vulnerability that can be exploited by attackers to inject malicious HTML code...

6.1CVSS6AI score0.00409EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.13 views

IBM PowerSC Explains Conflict Vulnerabilities

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an interpretation conflict vulnerability that stems from not using a secure HTTP method, which could be exploited by an attacker to perform unauthorized...

5.3CVSS6.6AI score0.00492EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.14 views

IBM PowerSC Encryption Problem Vulnerability (CNVD-2024-09945)

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC has an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decrypt highly...

7.5CVSS6.5AI score0.00318EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.14 views

IBM PowerSC Authentication Error Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC has an Authentication Error Vulnerability vulnerability that stems from the use of single-factor authentication, which can be exploited by an attacker to cause a risk ...

5.3CVSS6.7AI score0.0044EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/22 12:0 a.m.12 views

IBM PowerSC Session Fixation Vulnerability (CNVD-2024-09948)

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. A session fixation vulnerability exists in IBM PowerSC, which stems from a failure to disable a session after logging out, and can be exploited by an attacker to impersonate anoth...

8.8CVSS6.6AI score0.00381EPSS
Exploits0References1
Rows per page
Query Builder