CVE-2015-1937 Information
Share on:
Feb 14, 2021
cve
Description
IBM PowerVC 1.2.0.x through 1.2.0.4 1.2.1.x through 1.2.1.2 and 1.2.2.x through 1.2.2.2 does not require authentication for the ceilometer NoSQL database which allows remote attackers to read or write to arbitrary database records and consequently obtain administrator privileges via a session on port 27017.
Reference
http://www.securityfocus.com/bid/74911 http://www-01.ibm.com/support/docview.wss?uid=nas8N1020731 http://www-01.ibm.com/support/docview.wss?uid=swg1IT08806