Unrated severityNVD Advisory· Published Aug 29, 2014· Updated Jun 17, 2026
CVE-2014-3093
CVE-2014-3093
Description
IBM PowerVC 1.2.0 before FP3 and 1.2.1 before FP2 uses cleartext passwords in (1) api-paste.ini, (2) debug logs, (3) the installation process, (4) environment checks, (5) powervc-ldap-config, (6) powervc-restore, and (7) powervc-diag, which allows local users to obtain sensitive information by entering a ps command or reading a file.
Affected products
11cpe:2.3:a:ibm:powervc:1.2.0.0:*:*:*:express:*:*:*+ 10 more
- cpe:2.3:a:ibm:powervc:1.2.0.0:*:*:*:express:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.0.0:*:*:*:standard:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.0.1:*:*:*:express:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.0.1:*:*:*:standard:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.0.2:*:*:*:express:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.0.2:*:*:*:standard:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.1.0:*:*:*:express:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.1.0:*:*:*:standard:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.1.1:*:*:*:express:*:*:*
- cpe:2.3:a:ibm:powervc:1.2.1.1:*:*:*:standard:*:*:*
- (no CPE)range: 1.2.0 before FP3, 1.2.1 before FP2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.