CVE-2015-1950

EPSS 0.08%
Published 01.07.2015 10:59:00
Last modified 12.04.2025 10:46:40
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Powervc Version1.2.2.1 SwEditionstandard

Ibm ≫ Powervc Version1.2.2.2 SwEditionstandard

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.196

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020740

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08926

http://www.securityfocus.com/bid/75102

https://nvd.nist.gov/vuln/detail/CVE-2015-1950

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1950

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1950

EUVD