Information Disclosure Vulnerability in IBM OPENBMC Products
CVE-2021-38960

5.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
4 February 2022

Summary

IBM OPENBMC OP920, OP930, and OP940 are affected by a vulnerability that permits unauthenticated users to gain access to sensitive information. This poses a significant risk to data security, as unauthorized individuals may exploit the flaw to retrieve critical data. Organizations using these products should assess their security posture and apply necessary mitigations to guard against potential exploitation.

Affected Version(s)

HMC OP940

OPENBMC OP920

OPENBMC OP930

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.