CVE-2023-25683

CWE-200Information Exposure3 documents3 sources
Severity
7.5HIGH
EPSS
0.1%
top 75.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Powervm Hypervisor
Timeline
PublishedJun 15

Description

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/powervm_hypervisorFW950.00FW950.71+3
NVDibm/powervm_hypervisorfw950fw950.71+3

🔴Vulnerability Details

2
CVEList
IBM PowerVM Hypervisor information disclosure2023-06-15
GHSA
GHSA-25jc-w8gj-g4wg: IBM PowerVM Hypervisor FW9502023-06-15
CVE-2023-25683 (HIGH CVSS 7.5) | IBM PowerVM Hypervisor FW950.00 thr | cvebase.io