IbmVULNRICHMENT:CVE-2023-33851CVE-2023-33851 IBM PowerVM Hypervisor information disclosure
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135.
CNA Affected
[
{
"vendor": "IBM",
"product": "PowerVM Hypervisor",
"versions": [
{
"status": "affected",
"version": "FW950.00",
"versionType": "semver",
"lessThanOrEqual": "FW950.90"
},
{
"status": "affected",
"version": "FW1020.00",
"versionType": "semver",
"lessThanOrEqual": "FW1020.40"
},
{
"status": "affected",
"version": "FW1030.00",
"versionType": "semver",
"lessThanOrEqual": "FW1030.30"
}
],
"defaultStatus": "unaffected"
}
]Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial