IBM Support

Security Bulletin: Vulnerability in systemd affects Power Hardware Management Console (CVE-2019-6454)

Security Bulletin


Summary

The systemd is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE

Vulnerability Details

CVEID: CVE-2019-6454
DESCRIPTION:

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.
CVSS Base Score: 7

CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Power HMC V8.7.0.0
Power HMC V9.1.910.0

Remediation/Fixes

Remediation/Fixes

  The following fixes are available on IBM Fix Central at: http://www-933.ibm.com/support/fixcentral/

Product
VRMF
APAR
Remediation/Fix
Power HMC
V8.8.7.1 SP3 ppc
MB04210
Power HMC
V8.8.7.1 SP3 x86
MB04209
Power HMC
V9.1.930.1  SP1 ppc
MB04213
Power HMC
V9.1.930.0  SP1 x86
MB04212

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

Initial Version: 24 June 2019

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Type":"MASTER","Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SGGSNP","label":"Hardware Management Console V9"},"ARM Category":[{"code":"a8m0z0000001itSAAQ","label":"Hardware Management Console-\u003ESecurity"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1.91"}]

Document Information

Modified date:
22 September 2021

UID

ibm10741077