IBM Security Bulletin: Ceilometer database access unrestricted in PowerVC (CVE-2015-1937)
|
System information
|
|
|
Affected software |
IBM |
Description
|
IBM PowerVC is using a ceilometer database that does not have authentication enabled. CVE(s): CVE-2015-1937 Affected product(s) and affected version(s): PowerVC Express Edition 1.2.0.0 through 1.2.0.4 PowerVC Express Edition 1.2.1.0 through 1.2.1.2 PowerVC Standard Edition 1.2.0.0 through 1.2.0.4 PowerVC Standard Edition 1.2.1.0 through 1.2.1.2 PowerVC Standard Edition 1.2.2.0 through 1.2.2.2 Refer to the following reference URLs for remediation and additional vulnerability details:
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ceilometer_database_access_unrestricted_in_powervc_cve_2015_1937?lang=en_us |
Standar resources
|
Property |
Value |
CVE |
CVE-2015-1937 ,CVE-2015-1920 ,CVE-2015-3456 and CVE-2015-1170. |