Security Bulletin: Vulnerability in Xerces-C (CVE-2018-1311)

Summary Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. XML parser contains a...

Security Bulletin: Vulnerability in systemd affects Power Hardware Management Console (CVE-2019-6454)

Summary The systemd is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE Vulnerability Details CVEID: CVE-2019-6454 DESCRIPTION: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provid...

Security Bulletin: Vulnerability in IBM Java affects Power Hardware Management Console (CVE-2020-2773).

Summary IBM Java is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-2773 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause a...

Security Bulletin: Vulnerability in libssh2 affects Power Hardware Management Console (CVE-2019-3862)

Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-3862 DESCRIPTION: An out of bounds read flaw was discovered in libssh2 in the way SSHMSGCHANNELREQUEST packets with an exit status message and no payload a...

Security Bulletin: Vulnerability in IBM Java affects Power Hardware Management Console (CVE-2020-27221).

Summary IBM Java is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8...

Security Bulletin: Vulnerabilities in kernel affect Power Hardware Management Console (CVE-2019-11479,CVE-2019-11477 and CVE-2019-11478)

Summary Power Hardware Management Console is affected by security vulnerabilities in the Linux Kernel. Power Hardware Management Console has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an issu...

Security Bulletin: Vulnerabilities in OpenSSL affect Power Hardware Management Console (CVE-2017-3737, CVE-2017-3736)

Summary OpenSSL is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2017-3737 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw in the "error state" mechanism when directly...

Security Bulletin: Vulnerability in Kernel affects Power Hardware Management Console (CVE-2018-5391)

Summary Linux Kernel is vulnerable to a denial of service, caused by the improper handling of the reassembly of fragmented IPv4 and IPv6 packets by the IP implementation. By sending specially crafted IP fragments with random offsets, a remote attacker could exploit this vulnerability to exhaust a...

CVE-2021-29707

IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...

Code injection

IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...

CVE-2021-29707

IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...