ibm power_hardware_management_console CVE Vulnerabilities (5)

CVEs: 5 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ibm power_hardware_management_console (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 15 of 5 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2024-56477 IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. [email protected] 6.5 0.46% 2025-02-14 2026-06-17
CVE-2014-0883 IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  91163. [email protected] 6.1 0.65% 2018-04-20 2026-06-16
CVE-2016-5011 The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. [email protected] 4.6 0.46% 2017-04-11 2026-06-16
CVE-2017-1134 IBM Reliable Scalable Cluster Technology could allow a local user to escalate their privileges to gain root access. IBM Reference #: 1998459. [email protected] 7.8 0.34% 2017-03-20 2026-06-16
CVE-2012-3296 Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. [email protected] 4.3 1.65% 2012-08-17 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence