CVE-2023-30438
IBM PowerVM gain access
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
17 may 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. IBM X-Force ID: 252706.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Productos afectados
IBM · PowerVM Hypervisor