Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Power HMC/SDMC 权限许可和访问控制漏洞
Vulnerability Description
IBM Power Hardware Management Console (HMC) SP4之前的7R3.5.0版本,7R7.1.0版本和7R7.2.0 SP3之前的7R7.2.0版本,SP2之前的7R7.3.0版本,IBM Systems Director Management Console (SDMC) SP2之前的6R7.3.0版本中存在漏洞,该漏洞源于未正确限制VIOS viosrvcmd命令。本地攻击者可利用该漏洞通过包含(1)$(美元符号)或(2)&符号字符的向量获取特权。
CVSS Information
N/A
Vulnerability Type
N/A