Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM42CD651F2BD0D51490E0A861647BAC1292A04A5D692CAC396B116B30F334F0DB
HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerability in Perl affects Power Hardware Management Console (‪‪CVE-2016-1238‬)

2021-09-2301:31:39
www.ibm.com
11

0.0004 Low

EPSS

Percentile

15.7%

JSON

Summary

Perl is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2016-1238
DESCRIPTION: Perl could allow a local attacker to gain elevated privileges on the system, caused by an error when loading optional modules. By loading code from the current working directory, an attacker could exploit this vulnerability to cause the target Perl application to load and execute arbitrary code on the target system with elevated privileges.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115425 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Power HMC V7.7.9.0

Remediation/Fixes

The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/&gt;

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V7.7.9.0 SP3

|

MB04044

|

MH01659

Workarounds and Mitigations

None

Related

nessus 42
openvas 38
cve 1
fedora 6
ubuntucve 1
debian 5
debiancve 1
alpinelinux 1
cvelist 1
redhatcve 1
freebsd 2
nvd 1
veracode 1
osv 4
f5 1
prion 1
suse 4
ibm 1
mageia 2
photon 1
gentoo 2
rosalinux 1
nessus
nessus
Debian DLA-584-1 : libsys-syslog-perl security update
2016-08-05 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-ExtUtils-ParseXS (EulerOS-SA-2020-1994)
2020-09-29 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-Digest (EulerOS-SA-2020-2009)
2020-09-29 00:00:00
openvas
openvas
Fedora Update for perl FEDORA-2016-e9e5c081d4
2016-08-05 00:00:00
openSUSE: Security Advisory for amavisd-new (openSUSE-SU-2019:0297-1)
2019-03-07 00:00:00
Huawei EulerOS: Security Advisory for perl-IPC-Cmd (EulerOS-SA-2020-2026)
2020-09-29 00:00:00
cve
cve
CVE-2016-1238
2016-08-02 14:59:00
fedora
fedora
[SECURITY] Fedora 23 Update: perl-Module-Load-Conditional-0.68-1.fc23
2016-08-08 23:59:42
[SECURITY] Fedora 24 Update: perl-5.22.2-362.fc24
2016-08-04 20:55:31
[SECURITY] Fedora 24 Update: perl-Module-Load-Conditional-0.68-1.fc24
2016-08-08 20:34:46
ubuntucve
ubuntucve
CVE-2016-1238
2016-07-25 00:00:00
debian
debian
[SECURITY] [DLA 584-1] libsys-syslog-perl security update
2016-08-04 14:34:39
[SECURITY] [DSA 3628-1] perl security update
2016-07-25 14:18:38
[SECURITY] [DLA 565-1] perl security update
2016-07-28 16:03:17
debiancve
debiancve
CVE-2016-1238
2016-08-02 14:59:00
alpinelinux
alpinelinux
CVE-2016-1238
2016-08-02 14:59:00
cvelist
cvelist
CVE-2016-1238
2016-08-02 14:00:00
redhatcve
redhatcve
CVE-2016-1238
2016-07-26 13:18:19
freebsd
freebsd
perl -- local arbitrary code execution
2016-07-21 00:00:00
spamassassin -- multiple vulnerabilities
2018-09-16 00:00:00
nvd
nvd
CVE-2016-1238
2016-08-02 14:59:00
veracode
veracode
Arbitrary Code Execution
2020-05-10 23:28:29
osv
osv
libsys-syslog-perl - security update
2016-08-04 00:00:00
perl - security update
2016-07-25 00:00:00
perl - security update
2016-07-28 00:00:00
f5
f5
K39909763 : Perl vulnerability CVE-2016-1238
2017-10-25 00:00:00
prion
prion
Directory traversal
2016-08-02 14:59:00
suse
suse
Security update for amavisd-new (moderate)
2019-03-06 00:00:00
Security update for spamassassin (moderate)
2019-08-06 00:00:00
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
ibm
ibm
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple perl vulnerabilities (CVE-2016-1238, CVE-2016-2381, CVE-2015-8853)
2018-06-18 01:34:01
mageia
mageia
Updated spamassassin packages fix security vulnerabilities
2018-10-30 21:01:43
Updated perl packages fix security vulnerability
2018-01-03 18:50:51
photon
photon
Important Photon OS Security Update - PHSA-2017-0010
2017-02-02 00:00:00
gentoo
gentoo
SpamAssassin: Multiple vulnerabilities
2018-12-15 00:00:00
Perl: Multiple vulnerabilities
2017-01-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1949
2021-07-02 17:41:47

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for 42CD651F2BD0D51490E0A861647BAC1292A04A5D692CAC396B116B30F334F0DB
nessus42openvas38cve1fedora6ubuntucve1debian5debiancve1alpinelinux1cvelist1redhatcve1freebsd2nvd1veracode1osv4f51prion1suse4ibm1mageia2photon1gentoo2rosalinux1