CVE-2020-14156

user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions.

Date published : 2020-06-15

https://github.com/openbmc/openbmc/issues/3670

https://lists.ozlabs.org/pipermail/openbmc/2020-June/022020.html