Hardware Management Console

hardware_management_console

Vendor: Ibm • 14 CVEs

CVEs (14)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-36125 1Ibm 1Hardware Management Console Dec 19, 2025 Sep 9, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 IBM Hardware Management Console - Power 10.3.1050.0 and 11.1.1110.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus alte...Show more IBM Hardware Management Console - Power 10.3.1050.0 and 11.1.1110.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.Show less
CVE-2025-1951 1Ibm 1Hardware Management Console Aug 12, 2025 Apr 22, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.
CVE-2025-1950 1Ibm 1Hardware Management Console Aug 14, 2025 Apr 22, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source.
CVE-2023-38280 1Ibm 1Hardware Management Console Nov 21, 2024 Oct 16, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 260740.
CVE-2021-29707 1Ibm 1Hardware Management Console Nov 21, 2024 Jul 19, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 IBM HMC (Hardware Management Console) V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879.
CVE-2016-0230 1Ibm 1Hardware Management Console May 6, 2026 Jul 7, 2016 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate...Show more IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate attackers to obtain root access via unspecified vectors.Show less
CVE-2009-1806 1Ibm 1Hardware Management Console Apr 23, 2026 May 28, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.4.0 SP2, when Active Memory Sharing is used, has unknown impact and attack vectors, related to a shared memory partition and a shared memory...Show more Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.4.0 SP2, when Active Memory Sharing is used, has unknown impact and attack vectors, related to a shared memory partition and a shared memory pool with redundant paging Virtual I/O Server (VIOS) partitions. NOTE: some of these details are obtained from third party information.Show less
CVE-2009-0178 1Ibm 1Hardware Management Console Apr 23, 2026 Jan 20, 2009 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors.
CVE-2008-5035 1Ibm 1Hardware Management Console Apr 23, 2026 Nov 10, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an...Show more The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an invalid length.Show less
CVE-2008-0495 1Ibm 1Hardware Management Console Apr 23, 2026 Jan 30, 2008 N/A· v4 N/A· v3 7.8 HIGH· v2 Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2007-6305 1Ibm 1Hardware Management Console Apr 23, 2026 Dec 10, 2007 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands."
CVE-2007-6294 1Ibm 1Hardware Management Console Apr 23, 2026 Dec 10, 2007 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands."
CVE-2007-6293 1Ibm 1Hardware Management Console Apr 23, 2026 Dec 10, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands."
CVE-2005-0539 1Ibm 1Hardware Management Console Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard.