CVE-2016-0230

Published Jul 7, 2016

Last updated a month ago

CVSS medium 6.8

Overview

Description: IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate attackers to obtain root access via unspecified vectors.
Source: psirt@us.ibm.com
NVD status: Deferred

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 5.9
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.9.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "374E33CA-EBEF-49FB-B941-07118D3A6D7E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.9.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F702523-55BE-4743-88F3-DB1539269D2C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.9.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA2834CF-DFDF-4BEA-9BE0-BD1C11C918D6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.9.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDB8E8D9-2AE1-48D5-9F71-99BC3F97066D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.1.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C37D81D-56E4-4AED-AD5E-1ED483535849"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.1.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33DA50CC-EE92-4386-B2E2-25DDB7B39984"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.1.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6F97979-8DE1-49FA-BD67-424655913D78"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.1.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8135B772-98EE-484E-87F3-3C4CD7AF41F5"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.2.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76F757D9-6B24-4B9D-B584-143E523F1AC6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.2.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EA06BD4-ADFB-4419-BD0D-DC2B35A05C1B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.2.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B09B0AE3-AF65-4821-9CE1-4D06BB937A1F"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.3.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3406E93-1C05-4D55-B52F-0C95E1635365"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.3.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7D67F4F-5E80-44C8-95F4-044BB54CADFF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.3.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17A95F76-30EA-45CC-AA46-5AA3CAB8B668"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.3.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1E0BDA3-FF99-49FC-A89B-64789A4D6AE8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.3.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76115CAB-E39D-4F7F-AE6C-5B234AE6C23F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.3.0:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56BACDE1-5CC6-4692-AEAD-66F4A8A5DF9A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.3.0:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C3ACD74-718E-40E1-B38C-01EAE90A0253"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:7.3.0:sp7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEC79BEA-AB54-42E5-89C3-1153A8A2105A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.4.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B147086F-706C-4C62-B7FA-EE20F5A222D9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.4.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BF354DF-8ADB-41D7-B990-5B5597817401"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:hardware_management_console:8.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42172521-C8D9-47C1-9A43-5A54A6A247F5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References