CVE-2023-25683
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | PowerVM Hypervisor | FW950.00 <= FW950.71 | affected |
| IBM | PowerVM Hypervisor | FW1010.00 <= FW1010.40 | affected |
| IBM | PowerVM Hypervisor | FW1020.00 <= FW1020.20 | affected |
| IBM | PowerVM Hypervisor | FW1030.00 <= FW1030.11 | affected |
Weaknesses
- CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/7002721
- https://exchange.xforce.ibmcloud.com/vulnerabilities/247592
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.ibm.com/support/pages/node/7002721
- https://exchange.xforce.ibmcloud.com/vulnerabilities/247592
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.