IBM PowerVM Hypervisor Vulnerability Could Reveal Sensitive Data
CVE-2023-33851

4.9MEDIUM

Key Information:

Vendor: IBM
Status: Powervm Hypervisor
Vendor: CVE Published:; 4 February 2024

What is CVE-2023-33851?

The vulnerability in the IBM PowerVM Hypervisor affects multiple firmware versions, potentially allowing a system administrator to access sensitive partition data. This exposure could compromise the confidentiality of data within virtualized environments, leading to unauthorized access and manipulation of critical information. Organizations using the affected versions should take immediate steps to mitigate the risks associated with this vulnerability by applying necessary patches and reviewing their security protocols.

References

https://www.ibm.com/support/pages/node/7114491

https://exchange.xforce.ibmcloud.com/vulnerabilities/257135

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2024