VYPR

OPENBMC OP910

by IBM

CVEs (7)

  • CVE-2026-7254MedMay 27, 2026
    risk 0.34cvss 5.3epss 0.00

    IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users.

  • CVE-2024-35124Aug 13, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674.

  • CVE-2024-31916Jun 27, 2024
    risk 0.00cvss epss 0.01

    IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026.

  • CVE-2022-22488Nov 18, 2022
    risk 0.00cvss epss 0.00

    IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337.

  • CVE-2021-29891Aug 22, 2022
    risk 0.00cvss epss 0.00

    IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221.

  • CVE-2021-38960Feb 4, 2022
    risk 0.00cvss epss 0.01

    IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047.

  • CVE-2021-38961Dec 27, 2021
    risk 0.00cvss epss 0.01

    IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049.