VAR-201208-0620
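Vulnerability from variot - Updated: 2023-12-18 13:15
IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character. A local attacker may exploit this issue to execute arbitrary code with Local System privileges. Successful exploits will result in the complete compromise of affected computers. The vulnerability is caused by not properly restricting the VIOS viosrvcmd command. Both characters are shell metacharacters, so the flaw is most likely insufficient filtering of the command's arguments before they reach a shell; the record itself classifies it only as CWE-264 (permissions and access control). The fix is to update to the service pack levels named above; the IBM security bulletin and APARs are listed under "patch" and "references" in the record below.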
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0620",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "power hardware management console",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7r7.2.0"
},
{
"model": "power hardware management console",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7r7.1.0"
},
{
"model": "systems director management console",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6r7.3.0"
},
{
"model": "power hardware management console",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7r7.3.0"
},
{
"model": "power hardware management console",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7r3.5.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "sp4"
},
{
"model": "systems director management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "sp2"
},
{
"model": "hardware management console",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7r3.5.0"
},
{
"model": "hardware management console",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7r7.3.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7r7.2.0 sp3"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "sp2"
},
{
"model": "systems director management console",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6r7.3.0"
},
{
"model": "hardware management console",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7r7.2.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7r7.1.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ibm:power_hardware_management_console_firmware:7r7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:systems_director_management__console_firmware:6r7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:power_hardware_management_console_firmware:7r7.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:power_hardware_management_console_firmware:7r7.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:power_hardware_management_console_firmware:7r3.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2188"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CitiGroup Inc",
"sources": [
{
"db": "BID",
"id": "54844"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2188",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-2188",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-55469",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2188",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-013",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-55469",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55469"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) \u0026 (ampersand) character. \nA local attacker may exploit this issue to execute arbitrary code with Local System privileges. Successful exploits will result in the complete compromise of affected computers. The vulnerability is caused by not properly restricting the VIOS viosrvcmd command",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "BID",
"id": "54844"
},
{
"db": "VULHUB",
"id": "VHN-55469"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2188",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013",
"trust": 0.7
},
{
"db": "AIXAPAR",
"id": "MB03548",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "MB03554",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "MB03550",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "MB03580",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20263",
"trust": 0.6
},
{
"db": "XF",
"id": "75906",
"trust": 0.6
},
{
"db": "BID",
"id": "54844",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-55469",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55469"
},
{
"db": "BID",
"id": "54844"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"id": "VAR-201208-0620",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55469"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:15:03.280000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Bulletin: Power HMC viosrvcmd command allows elevated privilege on VIOS (CVE-2012-2188)",
"trust": 0.8,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825?lang=ja"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55469"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "NVD",
"id": "CVE-2012-2188"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1mb03548"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1mb03550"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1mb03554"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1mb03580"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_power_hmc_viosrvcmd_command_allows_elevated_privilege_on_vios_cve_2012_218825"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75906"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2188"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2188"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/75906"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20263"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55469"
},
{
"db": "BID",
"id": "54844"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55469"
},
{
"db": "BID",
"id": "54844"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-55469"
},
{
"date": "2012-08-07T00:00:00",
"db": "BID",
"id": "54844"
},
{
"date": "2012-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"date": "2012-08-06T16:55:03.260000",
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"date": "2012-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-55469"
},
{
"date": "2012-08-07T00:00:00",
"db": "BID",
"id": "54844"
},
{
"date": "2012-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003476"
},
{
"date": "2017-08-29T01:31:33.290000",
"db": "NVD",
"id": "CVE-2012-2188"
},
{
"date": "2012-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "54844"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Privilege escalation vulnerability in IBM HMC and SDMC",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-013"
}
],
"trust": 0.6
}
}