8.4
CVE-2025-1951
- EPSS 0.21%
- Veröffentlicht 22.04.2025 14:48:08
- Zuletzt bearbeitet 12.08.2025 18:09:11
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Hardware Management Console - Power Systems command execution
IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Hardware Management Console Version10.2.1030.0
Ibm ≫ Hardware Management Console Version10.3.1050.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.115 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| psirt@us.ibm.com | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-250 Execution with Unnecessary Privileges
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://www.ibm.com/support/pages/node/7231389