Описание
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702.
Ссылки
- Vendor Advisory
- VDB EntryVendor Advisory
- Vendor Advisory
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:ibm:open_power:op910:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:ibm:power_system_8335-gth:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:power_system_8335-gtx:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:ibm:open_power:op920:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:ibm:power_system_8335-gtc:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:power_system_8335-gtg:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:power_system_8335-gtw:-:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00268
Низкий
8.1 High
CVSS3
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-1188
Связанные уязвимости
CVSS3: 9.1
github
больше 3 лет назад
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. IBM X-Force ID: 158702.
EPSS
Процентиль: 50%
0.00268
Низкий
8.1 High
CVSS3
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-1188