Multiple vulnerabilities have been found in IBM PowerVC. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information.

Below is a complete list of vulnerabilities

1. Improper certificate validation can be exploited remotely via a specially designed certificate;
2. Lack of access token incapsulation can be exploited locally via manipulations with process list.

IBM PowerVC 1.2.0 versions earlier than 1.2.0.4
IBM PowerVC 1.2.1 all versions

Update to latest version!