CVE-2021-39295

In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid IPMI lan+ interface...

Security Bulletin: IBM DataPower Gateway enables default IPMI account

Summary If IPMI over LAN Is enabled, a default administrator account is also enabled. Vulnerability Details CVEID: CVE-2019-4621 DESCRIPTION: IBM DataPower Appliance and IBM MQ Appliance have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker cou...

IBM DataPower Gateway Security Bypass

According to its self-reported version, the IBM DataPower Gateway running on the remote host is affected by a security bypass vulnerability due to a default account that is present if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC....

CVE-2019-4621

IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883...

Unspecified Vulnerability in IBM DataPower Gateway

IBM DataPower Gateway is a suite of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interfaces APIs, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates and optimizes access across...