CVSS: 5.1EPSS: %CPEs: 4EXPL: 0CVE-2024-41781 – IBM PowerVM Hypervisor information disclosure
https://notcve.org/view.php?id=CVE-2024-41781
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore. La funcionalidad de IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 a FW950.90, FW1030.00 a FW1030.60, FW1050.00 a FW1050.20 y FW1060.00 a FW1060.10) puede verse comprometida si un atacante obtiene acceso de servicio a la HMC. Un atacante que obtiene acceso de servicio a la HMC puede localizar y, a través de una serie de procedimientos de servicio, descifrar los datos contenidos en Platform KeyStore. • https://www.ibm.com/support/pages/node/7172698 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-46183 – IBM PowerVM Hypervisor information disclosure
https://notcve.org/view.php?id=CVE-2023-46183
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information. IBM X-Force ID: 269695. IBM PowerVM Hypervisor FW950.00 a FW950.90, FW1020.00 a FW1020.40 y FW1030.00 a FW1030.30 podrían permitir a un administrador del sistema obtener información confidencial de la partición. ID de IBM X-Force: 269695. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269695 https://www.ibm.com/support/pages/node/7114982 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-33851 – IBM PowerVM Hypervisor information disclosure
https://notcve.org/view.php?id=CVE-2023-33851
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135. IBM PowerVM Hypervisor FW950.00 a FW950.90, FW1020.00 a FW1020.40 y FW1030.00 a FW1030.30 podrían revelar datos de partición confidenciales a un administrador del sistema. ID de IBM X-Force: 257135. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257135 https://www.ibm.com/support/pages/node/7114491 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25683 – IBM PowerVM Hypervisor information disclosure
https://notcve.org/view.php?id=CVE-2023-25683
IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247592 https://www.ibm.com/support/pages/node/7002721 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.9EPSS: 0%CPEs: 6EXPL: 0CVE-2023-30440 – IBM PowerVM Hypervisor denial of service
https://notcve.org/view.php?id=CVE-2023-30440
IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function (VF) to cause a denial of service to a peer partition or arbitrary data corruption. IBM X-Force ID: 253175. • https://exchange.xforce.ibmcloud.com/vulnerabilities/253175 https://www.ibm.com/support/pages/node/6997133 • CWE-20: Improper Input Validation •