IBM Security Bulletin: IBM Virtualization Engine TS7700 – Insufficient Restrictions on SSH Users (CVE-2014-3048)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
Unprivileged users may be able to invoke privileged commands via SSH. With the right type of network access to the hardware, a skilled user could figure out a way to craft an SSH command to grant themselves privileged access, allowing the user to issue all administrative commands, with the potential to disrupt normal system operation. This patch fixes a security vulnerability that allows a TSSC service user unauthorized access to the attached TS7700. CVE(s): CVE-2014-3048 Affected product(s)
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_virtualization_engine_ts7700_ndash_insufficient_restrictions_on_ssh_users_cve_2014_3048?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-3048 ,CVE-2014-0160 ,CVE-2014-0453 ,CVE-2014-0936 ,CVE-2011-4858 ,CVE-2014-0094 ,CVE-2014-0112 ,CVE-2014-0113 and CVE-2014-0116. |