Lucene search

[email protected]NVD:CVE-2023-25683

HistoryJun 15, 2023 - 1:15 a.m.

CVE-2023-25683

2023-06-1501:15:10

CWE-200

[email protected]

web.nvd.nist.gov

ibm powervm

hypervisor

firmware

information disclosure

hmc

ibm x-force

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

41.4%

JSON

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592.

Affected configurations

Nvd

Node

ibmpowervm_hypervisorRangefw950–fw950.71

ibmpowervm_hypervisorRangefw1010–fw1010.40

ibmpowervm_hypervisorRangefw1020–fw1020.20

ibmpowervm_hypervisorRangefw1030–fw1030.11

References

exchange.xforce.ibmcloud.com/vulnerabilities/247592

www.ibm.com/support/pages/node/7002721

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

41.4%

JSON

Related for NVD:CVE-2023-25683

cvelist1 ibm1 prion1 cve1