No Authentication Vulnerability in IBM PowerVC Products
CVE-2015-1937

Currently unrated

Key Information:

Vendor

IBM
Status
Powervc
Vendor
CVE Published:
30 May 2015

What is CVE-2015-1937?

Certain versions of IBM PowerVC lack proper authentication for the ceilometer NoSQL database, exposing sensitive data and allowing unauthorized users to read and write arbitrary database records. This loophole could potentially enable an attacker to gain administrator privileges through a simple connection to port 27017, posing a significant security risk to data integrity and system governance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731
x_refsource_CONFIRM
http://www.securityfocus.com/bid/74911
vdb-entryx_refsource_BID
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08806
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.