3 matches found
CVE-2015-0137
IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management Console HMC certificates only during the pre-login stage, which allows man-in-the-middle attackers to spoof devices via a crafted certificate...
Code injection
IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management Console HMC certificates only during the pre-login stage, which allows man-in-the-middle attackers to spoof devices via a crafted certificate...
CVE-2015-0137
IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 fail to validate HMC certificates at login, enabling MITM via crafted certificates to spoof devices. Affected: IBM PowerVC PowerVC Management Console certificate validation during pre-login. Root cause: inadequate certificate va...