CVE-2025-1951

CWE-2503 documents3 sources

Severity

6.7MEDIUM

EPSS

0.0%

top 92.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Hardware Management Console - Power Systems IBM Hardware Management Console

Timeline

PublishedApr 22

Description

IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/hardware_management_console_-_power_systemsV10.2.1030.0, V10.3.1050.0+1

▶NVDibm/hardware_management_console10.2.1030.0, 10.3.1050.0+1

🔴Vulnerability Details

GHSA

GHSA-6mcv-x7cp-3q3f: IBM Hardware Management Console - Power Systems V10↗2025-04-22

▶

CVEList

IBM Hardware Management Console - Power Systems command execution↗2025-04-22

▶