Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM PowerVC Standard Edition 信任管理漏洞
Vulnerability Description
IBM PowerVC是美国IBM公司的一套虚拟化管理解决方案。该方案支持虚拟系统管理、虚拟图像管理和部署、以及虚拟工作负载管理等。IBM PowerVC Standard Edition是一个标准版。 IBM PowerVC Standard Edition 1.2.2.1版本至1.2.2.2版本中存在安全漏洞,该漏洞源于用户使用nova证书访问Python解释程序时,程序没有执行身份验证操作。KVM虚拟机操作系统端攻击者可借助Python代码利用该漏洞获取特定的PowerVC证书,绕过既定的访问限制。
CVSS Information
N/A
Vulnerability Type
N/A