Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

OPENBMC

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2026-7254
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.03%
||
7 Day CHG+0.05%
Published-27 May, 2026 | 13:12
Updated-02 Jun, 2026 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open BMC Denial of Service

IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users.

Action-Not Available
Vendor-IBM Corporation
Product-openbmcOPENBMC
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-38960
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 44.97%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:33
Updated-16 Sep, 2024 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X-Force ID: 212047.

Action-Not Available
Vendor-IBM Corporation
Product-power_hardware_management_console_\(7063-cr2\)_firmwarepower_system_ac922_\(8335-gtx\)_firmwarepower_system_ac922_\(8335-gth\)_firmwarepower_system_ac922_\(8335-gth\)power_system_ac922_\(8335-gtx\)power_hardware_management_console_\(7063-cr2\)HMCOPENBMC
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-38961
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.13% / 32.14%
||
7 Day CHG~0.00%
Published-27 Dec, 2021 | 17:10
Updated-16 Sep, 2024 | 21:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049.

Action-Not Available
Vendor-IBM Corporation
Product-power_system_ac922_\(8335-gtw\)power_system_ac922_\(8335-gtg\)_firmwarepower_system_ac922_\(8335-gtc\)_firmwarepower_system_ac922_\(8335-gtg\)power_system_ac922_\(8335-gtw\)_firmwarepower_system_ac922_\(8335-gtc\)OPENBMC
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')