3 matches found
CVE-2024-31916
CVE-2024-31916 (IBM OpenBMC) affects OpenBMC versions FW1050.00–FW1050.10, where the BMCWeb HTTPS server component could disclose sensitive URI content to an unauthenticated user. Root cause: improper exposure in the HTTPS server that bypasses authentication channels. Impact is limited to sensiti...
CVE-2024-35124
CVE-2024-35124 affects OpenBMC firmware FW1020.00–FW1020.60, FW1030.00–FW1030.50, and FW1050.00–FW1050.10. The root cause is default password/session management during initial installation, enabling a network attacker to gain administrative access to the BMC. Affected products/versions are explic...
CVE-2026-7254
IBM OPENBMC firmware FW1110.00–FW1110.11 is vulnerable to denial of service via the BMC HTTPS interface by unauthenticated network users. The IBM bulletin identifies the affected product as OPENBMC and specifies that the vulnerability stems from improper validation in the HTTPS service, with CVSS...