9.3

CVE-2023-30438

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server.  IBM X-Force ID:  252706.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmPowervm Hypervisor Version >= fw950 < fw950.71
   IbmPower System E950 Version-
   IbmPower System E980 Version-
   IbmPower System H922 Version-
   IbmPower System H924 Version-
   IbmPower System L922 Version-
   IbmPower System S914 Version-
   IbmPower System S922 Version-
   IbmPower System S924 Version-
IbmPowervm Hypervisor Version >= fw1010.00 < fw1010.51
   IbmPower System E1080 Version-
IbmPowervm Hypervisor Version >= fw1030.00 < fw1030.11
   IbmPower System E1080 Version-
IbmPowervm Hypervisor Version >= fw1020.00 < fw1020.31
   IbmPower System E1050 Version-
   IbmPower System L1022 Version-
   IbmPower System L1024 Version-
   IbmPower System S1014 Version-
   IbmPower System S1022 Version-
   IbmPower System S1022s Version-
   IbmPower System S1024 Version-
IbmPowervm Hypervisor Version >= fw1030.00 < fw1030.11
   IbmPower System E1050 Version-
   IbmPower System L1022 Version-
   IbmPower System L1024 Version-
   IbmPower System S1014 Version-
   IbmPower System S1022 Version-
   IbmPower System S1022s Version-
   IbmPower System S1024 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.063
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2 6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
psirt@us.ibm.com 9.3 2.5 6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H