Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: IBM Virtualization Engine TS7700 – Insufficient Restrictions on SSH Users (CVE-2014-3048) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
Unprivileged users may be able to invoke privileged commands via SSH. With the right type of network access to the hardware, a skilled user could figure out a way to craft an SSH command to grant themselves privileged access, allowing the user to issue all administrative commands, with the potential to disrupt normal system operation. This patch fixes a security vulnerability that allows a TSSC service user unauthorized access to the attached TS7700. CVE(s): CVE-2014-3048 Affected product(s) More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_virtualization_engine_ts7700_ndash_insufficient_restrictions_on_ssh_users_cve_2014_3048?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-3048 ,CVE-2014-0160 ,CVE-2014-0453 ,CVE-2014-0936 ,CVE-2011-4858 ,CVE-2014-0094 ,CVE-2014-0112 ,CVE-2014-0113 and CVE-2014-0116. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-06-06 |