HMC

Hello,

Please can you help me, is it possible to overcome the following vulnerabilities

FQDN: Does not reversely resolve Interception of user credentials and data due to use of the TELNET TCP/2301 protocol

FQDN: Does not reversely resolve Interception of user credentials and data due to use of the TELNET TCP/2300 protocol

Thanks,

That's a bit opaque.

Is there a CVE for that ?
What are those vulnerabilities supposed to be?

Sure! No problem.  Just upgrade your HMC to the most current release and it drops system consoles on unsecure telnet.  You will have to use secure telnet.  Easy to set up.  Much easier than setting up secure telnet for regular 5250 sessions.

The only concern is if you're running an older Power system which doesn't support the most current versions of HMC, or if you let your firmware and hmc versions drag so far behind that you may need to stairstep their upgrades to current versions.

Never checked about setting up secure console sessions until I had to so maybe it could be done on the older releases of HMC but I tend to upgrade pretty quickly and who can remember versions of HMC that old for such a long period?