Primary

Context

IBM OpenBMC Denial-of-Service Vulnerability

Vulnerability

Patched

A denial-of-service vulnerability has been identified in IBM OpenBMC versions FW1110.00 through FW1110.11. This vulnerability allows unauthenticated network users to disrupt the BMC's HTTPS service, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition on the BMC's HTTPS interface, allowing unauthenticated network users to disrupt service.

Remediation

Users should upgrade to version FW1110.20(1110_130) or newer. This version is available through IBM Fix Central. For Power 11 systems, specific model details can be found in the IBM Security Bulletin.

Added: May 28, 2026, 5:09 AM

Updated: May 28, 2026, 5:09 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

0.6

exploitability

7.0

remediation

7.9

relevance

9.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

0.6

exploitability

7.0

remediation

7.9

relevance

9.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM OpenBMC Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM OPENBMC

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating