Vulnerabilities > CVE-2012-4856 - Credentials Management vulnerability in IBM Power 5 and Power 5 System Firmware
Attack vector
ADJACENT_NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The Service Processor in the IBM Power 5 91##-### and 940#-### before SF240_418_382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspecified vectors.