14 matches found
CVE-2023-38280
IBM Power HMC (Hardware Management Console) versions 10.1.1010.0 and 10.2.1030.0 contain a local privilege escalation to root on a restricted shell. Root cause relates to a vulnerability in sed used by HMC. Remediation is available via fixes on Fix Central: Power HMC V10.1.1020.0 SP2 (ppc/x86) wi...
CVE-2025-1950
CVE-2025-1950 affects IBM Hardware Management Console (Power Systems) versions V10.2.1030.0 and V10.3.1050.0. Description: local privilege escalation due to improper validation of libraries from an untrusted source, enabling a local user to execute commands. Root cause: untrusted-library validati...
CVE-2025-1951
CVE-2025-1951 affects IBM Hardware Management Console (Power Systems) versions V10.2.1030.0 and V10.3.1050.0. The underlying issue is execution of commands with unnecessary privileges, enabling a local user to run commands as a privileged user (CWE-250). IBM’s advisory confirms the root cause as ...
CVE-2008-5035
CVE-2008-5035 affects the IBM Hardware Management Console (HMC) — Resource Monitoring and Control (RMC) daemon in HMC 7, releases 3.2.0 SP1 and 3.3.0 SP2. The issue allows a remote attacker to cause a denial of service (daemon crash or hang) by sending a malformed packet with an invalid length. E...
CVE-2016-0230
CVE-2016-0230 concerns IBM Power Hardware Management Console (HMC) releases: 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0. The vulnerability allows physically proximate attackers to obtain root ...
CVE-2007-6305
Technical details (affected components, root cause, versions, fixes) are not publicly available in the provided documents; monitor for updates.
CVE-2009-1806
CVE-2009-1806 concerns IBM Hardware Management Console (HMC) 7 release 3.4.0 SP2, where the issue arises when Active Memory Sharing is used. The connected documents describe the vulnerability as related to a shared memory partition and a shared memory pool with redundant paging within VIOS partit...
CVE-2007-6293
CVE-2007-6293 affects IBM Hardware Management Console (HMC) 6 R1.3. The connected records describe multiple unspecified vulnerabilities within HMC that allow attackers to gain privileges via certain HMC commands. The documents do not specify the root cause, exact vulnerable components, bug detail...
CVE-2007-6294
Technical details for CVE-2007-6294 are not publicly available in the provided documents. No specifics on affected models, vulnerable components, root cause, or fixes are disclosed here. Monitor for updates from official sources.
CVE-2009-0178
Technical details and affected components for CVE-2009-0178 are not publicly available in the provided documents; monitor for updates.
CVE-2021-29707
CVE-2021-29707 affects IBM HMC (Power Hardware Management Console) V9.1.910.0 and V9.2.950.0, where a local user can escalate privileges to root on a restricted shell. The IBM bulletin lists affected versions and provides fixes: Power HMC V9.1.940.0 SP2 (MB04287, MH01896) for PPC and V9.1.940.0 S...
CVE-2005-0539
CVE-2005-0539 affects IBM Hardware Management Console (HMC) for POWER5 servers prior to version 4.4. The issue, related to the Guided Setup Wizard, permits local users to gain privileges (partial confidentiality, integrity, and availability impacts described by CVSS 2.0: Base 4.6). IBM lists a fi...
CVE-2008-0495
Technical details about CVE-2008-0495 are not publicly available in the provided documents. Monitor for updates; current records only state an unspecified denial-of-service vulnerability in IBM HMC Pegasus CIM Server with no exposed vectors or affected versions.
CVE-2025-36125
CVE-2025-36125 (IBM HMC - Power) affects IBM Hardware Management Console for Power versions 10.3.1050.0 and 11.1.1110.0. It is a stored cross-site scripting vulnerability (CWE-79) that allows an authenticated user to inject arbitrary JavaScript into the Web UI, potentially leading to credentials ...