PT-2022-22135 · Ibm · Ibm Power
Published
2022-11-11
·
Updated
2022-11-17
·
CVE-2022-34331
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Power versions FW950 through FW1010
Description
The issue arises after a sequence of maintenance operations on Power FW950 and FW1010, leading to an improper configuration of a SRIOV network adapter. This results in the desired VEPA configuration being disabled.
Recommendations
For versions FW950 through FW1010, consider reconfiguring the SRIOV network adapter to enable the desired VEPA configuration after performing maintenance operations. As a temporary workaround, restrict access to the network adapter until the issue is resolved.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Power