CVE-2021-38917

Опубликовано: 10 дек. 2021

Источник: nvd

CVSS3: 7.4

CVSS3: 9.1

CVSS2: 9.4

EPSS Низкий

Описание

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted service procedures. IBM X-Force ID: 210018.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/210018
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6525010
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/210018
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6525010
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:ibm:powervm_hypervisor:fw860:*:*:*:*:*:*:*

cpe:2.3:o:ibm:powervm_hypervisor:fw940:*:*:*:*:*:*:*

cpe:2.3:o:ibm:powervm_hypervisor:fw950:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00174

Низкий

7.4 High

CVSS3

9.1 Critical

CVSS3

9.4 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-jrj8-w63v-jf8f

github

около 4 лет назад

EPSS

Процентиль: 39%

0.00174

Низкий

7.4 High

CVSS3

9.1 Critical

CVSS3

9.4 Critical

CVSS2

Дефекты

NVD-CWE-noinfo