cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-35124,https://securityvulnerability.io/vulnerability/CVE-2024-35124,Default Password Vulnerability in OpenBMC Could Lead to Administrative Access,"A significant security vulnerability exists in the OpenBMC firmware across multiple versions. This flaw arises from inadequate password management and session handling practices, allowing unauthorized attackers to gain administrative access to the Baseboard Management Controller (BMC). The compromised firmware versions include FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60. IBM's X-Force ID 290674 documents further details regarding this security issue.",IBM,Openbmc,7.5,HIGH,0.0007300000288523734,false,false,false,false,,false,false,2024-08-13T11:14:40.227Z,0
CVE-2024-31916,https://securityvulnerability.io/vulnerability/CVE-2024-31916,Sensitive URI Disclosure in IBM OpenBMC BMCWeb HTTPS Server,"A security vulnerability exists in the IBM OpenBMC BMCWeb HTTPS server component, impacting versions FW1050.00 through FW1050.10. This flaw may allow unauthorized actors to access sensitive URI content, effectively bypassing existing authentication measures. Such unauthorized access poses significant risks to system integrity and confidentiality.",IBM,Openbmc,7.5,HIGH,0.0007600000244565308,false,false,false,false,,false,false,2024-06-27T18:15:00.000Z,0
CVE-2022-22488,https://securityvulnerability.io/vulnerability/CVE-2022-22488,IBM OpenBMC denial of service,IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337.,IBM,Openbmc,4.9,MEDIUM,0.0007600000244565308,false,false,false,false,,false,false,2022-12-12T13:15:00.000Z,0
CVE-2021-38960,https://securityvulnerability.io/vulnerability/CVE-2021-38960,,"IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047.",IBM,"Openbmc,Hmc",5.3,MEDIUM,0.0011099999537691474,false,false,false,false,,false,false,2022-02-04T23:15:00.000Z,0
CVE-2021-38961,https://securityvulnerability.io/vulnerability/CVE-2021-38961,,IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049.,IBM,Openbmc,6.1,MEDIUM,0.000699999975040555,false,false,false,false,,false,false,2021-12-27T17:15:00.000Z,0