IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2012-08-06T16:00:00
Updated: 2024-08-06T19:26:08.999Z
Reserved: 2012-04-04T00:00:00
Link: CVE-2012-2188
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-08-06T16:55:03.260
Modified: 2017-08-29T01:31:33.290
Link: CVE-2012-2188
Redhat
No data.