Command injection

2012-08-0616:55:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character.

CPENameOperatorVersion
power_hardware_management_console_firmwareeq7.0.0-r7.2.0
power_hardware_management_console_firmwareeq7.0.0-r3.5.0
power_hardware_management_console_firmwareeq7.0.0-r7.3.0
power_hardware_management_console_firmwareeq7.0.0-r7.1.0
systems_director_management__console_firmwareeq6.0.0-r7.3.0

Name	Operator	Version
power_hardware_management_console_firmware	eq	7.0.0-r7.2.0
power_hardware_management_console_firmware	eq	7.0.0-r3.5.0
power_hardware_management_console_firmware	eq	7.0.0-r7.3.0
power_hardware_management_console_firmware	eq	7.0.0-r7.1.0
systems_director_management__console_firmware	eq	6.0.0-r7.3.0

References

www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825

www.ibm.com/support/docview.wss?uid=isg1MB03548

www.ibm.com/support/docview.wss?uid=isg1MB03550

www.ibm.com/support/docview.wss?uid=isg1MB03554

www.ibm.com/support/docview.wss?uid=isg1MB03580

exchange.xforce.ibmcloud.com/vulnerabilities/75906