CVE-2025-1950

CWE-1144 documents4 sources

Severity

7.8HIGH

EPSS

0.0%

top 93.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Hardware Management Console - Power Systems IBM Hardware Management Console

Timeline

PublishedApr 22

Description

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.5 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5ibm/hardware_management_console_-_power_systemsV10.2.1030.0, V10.3.1050.0+1

▶NVDibm/hardware_management_console10.2.1030.0, 10.3.1050.0+1

🔴Vulnerability Details

GHSA

GHSA-qcvj-mcp5-pjg8: IBM Hardware Management Console - Power Systems V10↗2025-04-22

▶

CVEList

IBM Hardware Management Console - Power Systems command execution↗2025-04-22

▶

OSV

CVE-2025-21630: In the Linux kernel, the following vulnerability has been resolved: io_uring/net: always initialize kmsg->msg↗2025-01-15

▶