Vulnerability Details : CVE-2023-33851
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135.
Vulnerability category: Information leak
Products affected by CVE-2023-33851
- IBM » Powervm HypervisorVersions from including (>=) fw1020.00 and up to, including, (<=) fw1020.40cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*
- IBM » Powervm HypervisorVersions from including (>=) fw1030.00 and up to, including, (<=) fw1030.30cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-33851
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 32 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-33851
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
1.2
|
3.6
|
NIST | 2024-02-12 |
5.3
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N |
0.8
|
4.0
|
IBM Corporation | 2024-02-04 |
CWE ids for CVE-2023-33851
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: psirt@us.ibm.com (Secondary)
References for CVE-2023-33851
-
https://www.ibm.com/support/pages/node/7114491
Security Bulletin: This Power System update is being released to address CVE-2023-33851Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/257135
IBM PowerVM Hypervisor information disclosure CVE-2023-33851 Vulnerability ReportVDB Entry;Vendor Advisory
Jump to