CVE-2015-0137

Currently unrated

Key Information:

Vendor: IBM
Status: Powervc
Vendor: CVE Published:; 24 March 2015

Summary

IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management Console (HMC) certificates only during the pre-login stage, which allows man-in-the-middle attackers to spoof devices via a crafted certificate.

References

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020611

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 24, 2015
Vulnerability Reserved
Nov 18, 2014