IBM PowerVM Hypervisor information disclosure
CVE-2023-25683

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Powervm Hypervisor
Vendor: CVE Published:; 15 June 2023

What is CVE-2023-25683?

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592.

Affected Version(s)

PowerVM Hypervisor FW950.00

PowerVM Hypervisor FW1010.00

PowerVM Hypervisor FW1020.00

References

https://www.ibm.com/support/pages/node/7002721

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/247592

vdb-entry

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2023
Vulnerability Reserved
Feb 11, 2023