CVE-2015-1937 - OpenCVE

IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and 1.2.2.x through 1.2.2.2 does not require authentication for the ceilometer NoSQL database, which allows remote attackers to read or write to arbitrary database records, and consequently obtain administrator privileges, via a session on port 27017.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	Powervc

Configuration 1 [-]

OR	cpe:2.3:a:ibm:powervc:1.2.0.0::::express:::
	cpe:2.3:a:ibm:powervc:1.2.0.0::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.0.1::::express:::
	cpe:2.3:a:ibm:powervc:1.2.0.1::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.0.2::::express:::
	cpe:2.3:a:ibm:powervc:1.2.0.2::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.0.3::::express:::
	cpe:2.3:a:ibm:powervc:1.2.0.3::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.0.4::::express:::
	cpe:2.3:a:ibm:powervc:1.2.0.4::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.1.0::::express:::
	cpe:2.3:a:ibm:powervc:1.2.1.0::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.1.1::::express:::
	cpe:2.3:a:ibm:powervc:1.2.1.2::::express:::
	cpe:2.3:a:ibm:powervc:1.2.1.2::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.2.0::::express:::
	cpe:2.3:a:ibm:powervc:1.2.2.0::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.2.1::::express:::
	cpe:2.3:a:ibm:powervc:1.2.2.1::::standard:::
	cpe:2.3:a:ibm:powervc:1.2.2.2::::express:::
	cpe:2.3:a:ibm:powervc:1.2.2.2::::standard:::

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731	Patch Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08806
http://www.securityfocus.com/bid/74911

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2015-05-30T19:00:00

Updated: 2016-11-28T20:57:01

Reserved: 2015-02-19T00:00:00

Link: CVE-2015-1937

JSON object: View

NVD Information

Status : Modified

Published: 2015-05-30T19:59:02.740

Modified: 2016-11-30T03:00:10.433

Link: CVE-2015-1937

JSON object: View

Redhat Information

No data.

CWE

CWE-284

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-28T00:00:00", "descriptions": [{"lang": "en", "value": "IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and 1.2.2.x through 1.2.2.2 does not require authentication for the ceilometer NoSQL database, which allows remote attackers to read or write to arbitrary database records, and consequently obtain administrator privileges, via a session on port 27017."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-28T20:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731"}, {"name": "74911", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74911"}, {"name": "IT08806", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT08806"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2015-1937", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and 1.2.2.x through 1.2.2.2 does not require authentication for the ceilometer NoSQL database, which allows remote attackers to read or write to arbitrary database records, and consequently obtain administrator privileges, via a session on port 27017."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731"}, {"name": "74911", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74911"}, {"name": "IT08806", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT08806"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2015-1937", "datePublished": "2015-05-30T19:00:00", "dateReserved": "2015-02-19T00:00:00", "dateUpdated": "2016-11-28T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.0:*:*:*:express:*:*:*", "matchCriteriaId": "F235BE09-8C8A-47DB-8FEB-1DB75B033143", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.0:*:*:*:standard:*:*:*", "matchCriteriaId": "588EBB92-23C4-425B-9093-F776323B05F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.1:*:*:*:express:*:*:*", "matchCriteriaId": "603F587A-2B4B-4FCD-B0AD-EE07553CB485", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.1:*:*:*:standard:*:*:*", "matchCriteriaId": "AB78B5FF-E4F3-483D-A3BF-F2E2ED997DEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.2:*:*:*:express:*:*:*", "matchCriteriaId": "68534B6C-B5EC-4F62-AF41-DDCE3C10ACBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.2:*:*:*:standard:*:*:*", "matchCriteriaId": "C1626D53-458F-4EE2-9CA5-EFF2B819B5CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.3:*:*:*:express:*:*:*", "matchCriteriaId": "C9C4784D-B903-461C-9B50-0BD8BBE1FF41", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.3:*:*:*:standard:*:*:*", "matchCriteriaId": "12201638-3C87-480B-A5A1-371A1FB37056", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.4:*:*:*:express:*:*:*", "matchCriteriaId": "8AD60B84-BA59-4E27-9C77-DE7091C893DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.0.4:*:*:*:standard:*:*:*", "matchCriteriaId": "15A5BFD7-C09D-4636-88EB-ACAD7EB08197", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.1.0:*:*:*:express:*:*:*", "matchCriteriaId": "94DE7F8F-4A36-4A95-8E3E-0327CF37D5DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.1.0:*:*:*:standard:*:*:*", "matchCriteriaId": "0AEECF0E-682F-49A4-B54A-825F3EBF06F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.1.1:*:*:*:express:*:*:*", "matchCriteriaId": "BE08D50D-FCEA-4619-A695-C00871A335F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.1.2:*:*:*:express:*:*:*", "matchCriteriaId": "A8115E03-8219-4F50-9984-EBBFE543112B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.1.2:*:*:*:standard:*:*:*", "matchCriteriaId": "2EADAFFB-D320-493C-96CB-4563A1EA0215", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.2.0:*:*:*:express:*:*:*", "matchCriteriaId": "6CAE632C-E7A1-49CC-9849-8909B45392D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.2.0:*:*:*:standard:*:*:*", "matchCriteriaId": "1D9515B2-1C8F-47D6-831B-8FF53286A557", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.2.1:*:*:*:express:*:*:*", "matchCriteriaId": "2418F07A-06DD-4738-B0F4-915237B07CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.2.1:*:*:*:standard:*:*:*", "matchCriteriaId": "30A4C793-22FE-43AC-9118-D6EFCA23F384", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.2.2:*:*:*:express:*:*:*", "matchCriteriaId": "9479EFDE-AAC2-4271-B423-7E50F1CA153C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:powervc:1.2.2.2:*:*:*:standard:*:*:*", "matchCriteriaId": "10BF0C56-B240-428C-9D3F-5A0E0D2D4B3B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM PowerVC 1.2.0.x through 1.2.0.4, 1.2.1.x through 1.2.1.2, and 1.2.2.x through 1.2.2.2 does not require authentication for the ceilometer NoSQL database, which allows remote attackers to read or write to arbitrary database records, and consequently obtain administrator privileges, via a session on port 27017."}, {"lang": "es", "value": "IBM PowerVC 1.2.0.x hasta 1.2.0.4, 1.2.1.x hasta 1.2.1.2, y 1.2.2.x hasta 1.2.2.2 no requiere autenticaci\u00f3n para la base de datos del NoSQL ciel\u00f3metro, lo que permite a atacantes remotos leer o escribir en registros arbitrarios de la base de datos, y como consecuencia obtener privilegios administrativos, a trav\u00e9s de una sesi\u00f3n en el puerto 27017."}], "id": "CVE-2015-1937", "lastModified": "2016-11-30T03:00:10.433", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-05-30T19:59:02.740", "references": [{"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731"}, {"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT08806"}, {"source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/74911"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}