What is CVE-2023-25683?

CVE-2023-25683 is a medium-severity vulnerability in Ibm Powervm Hypervisor, classified under Information Disclosure. CVSS score: 5.9/10. Published 2023-06-15.

How severe is CVE-2023-25683?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Information disclosure in Ibm Powervm Hypervisor

CVE-2023-25683

IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IB…

Vulnerability class: Information Disclosure

EPSS: 0.001 (24.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Ibm Powervm Hypervisor — versions FW950.00, FW1010.00, FW1020.00

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

www.ibm.com/support/pages/node/7002721 (vendor-advisory)
exchange.xforce.ibmcloud.com/vulnerabilities/247592 (vdb-entry)

Frequently asked questions

What is CVE-2023-25683?: CVE-2023-25683 is a medium-severity vulnerability in Ibm Powervm Hypervisor, classified under Information Disclosure. CVSS score: 5.9/10. Published 2023-06-15.
How severe is CVE-2023-25683?: Medium severity. CVSS v3 base score is 5.9 out of 10.