CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-20505

The PowerVM Logical Partition Mobility(LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP they can use this information to perform a series of PowerVM service procedures to decrypt the captured migration traffic IBM X-Force ID: 198232

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.8%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 3.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/198232
https://www.ibm.com/support/pages/node/6475619
https://exchange.xforce.ibmcloud.com/vulnerabilities/198232
https://www.ibm.com/support/pages/node/6475619

Products affected by CVE-2021-20505

Ibm » Powervm Hypervisor » Version: fw920

cpe:2.3:o:ibm:powervm_hypervisor:fw920
Ibm » Powervm Hypervisor » Version: fw930

cpe:2.3:o:ibm:powervm_hypervisor:fw930
Ibm » Powervm Hypervisor » Version: fw940

cpe:2.3:o:ibm:powervm_hypervisor:fw940
Ibm » Powervm Hypervisor » Version: fw950

cpe:2.3:o:ibm:powervm_hypervisor:fw950

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20505

Products

Pricing

Contact Us