Lucene search
IbmCVE-2022-34331HistoryNov 11, 2022 - 6:15 p.m.
CVE-2022-34331
2022-11-1118:15:09
CWE-287
ibm
web.nvd.nist.gov
40
3
cve-2022-34331
power fw950
power fw1010
sriov
network adapter
vepa configuration
ibm x-force id
229695
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.002
Percentile
58.3%
After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. IBM X-Force ID: 229695.
Affected configurations
Node
ibmpowervm_hypervisorMatchfw950
ORibmpowervm_hypervisorMatchfw1010
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | powervm_hypervisor | fw950 | cpe:2.3:o:ibm:powervm_hypervisor:fw950:*:*:*:*:*:*:* |
| ibm | powervm_hypervisor | fw1010 | cpe:2.3:o:ibm:powervm_hypervisor:fw1010:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Power FW",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "FW950, FW1010"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2022-34331 IBM Power FW security bypass
2022-11-11 17:45:30
prion
prion
Design/Logic Flaw
2022-11-11 18:15:00
cnvd
cnvd
IBM PowerVM Hypervisor Configuration Error Vulnerability
2022-11-16 00:00:00
nvd
nvd
CVE-2022-34331
2022-11-11 18:15:09
ibm
ibm
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.002
Percentile
58.3%
Related for CVE-2022-34331