POWER9: In response to a security issue with BMC’s HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-38960
CVEID:CVE-2021-38960
**DESCRIPTION:**IBM OPENBMC could allow an unauthenticated user to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212047 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
OPENBMC | OP920, OP930, OP940 |
HMC | |
OP940 |
Customers with the products below running OP920, OP930 or OP940, install OP940.30:
Customers with the products below running OP940, install OP940.30:
None