CVE-2023-25683

Summary

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592.

Affected Software

VendorProductVersion RangeStatus
IBMPowerVM HypervisorFW950.00 <= FW950.71affected
IBMPowerVM HypervisorFW1010.00 <= FW1010.40affected
IBMPowerVM HypervisorFW1020.00 <= FW1020.20affected
IBMPowerVM HypervisorFW1030.00 <= FW1030.11affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References