CVE-2015-0136

Currently unrated

Key Information:

Vendor: IBM
Status: Powervc
Vendor: CVE Published:; 24 March 2015

Summary

powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 places an access token on the command line during IVM and PowerKVM management, which allows local users to obtain sensitive information by listing the process.

References

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020608

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 24, 2015
Vulnerability Reserved
Nov 18, 2014