Information Disclosure in IBM PowerVC Due to Cleartext Passwords
CVE-2014-3093

Currently unrated

Key Information:

Vendor

IBM
Status
Powervc
Vendor
CVE Published:
29 August 2014

What is CVE-2014-3093?

IBM PowerVC versions prior to FP3 for 1.2.0 and FP2 for 1.2.1 are susceptible to an information disclosure vulnerability caused by the storage of sensitive data in cleartext. This security flaw affects multiple components, including api-paste.ini, debug logs, and configuration files. Local users can exploit this vulnerability by executing certain commands or accessing files, enabling them to obtain confidential information, thereby posing a significant risk to the integrity and confidentiality of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020242
x_refsource_CONFIRM
http://www.securityfocus.com/bid/69437
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/94259
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.