Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for PowerVM Novalink by IBM

    CVE-2026-14971 (GCVE-0-2026-14971)

    Vulnerability from nvd – Published: 2026-07-17 19:49 – Updated: 2026-07-17 19:49
    VLAI
    Title
    This PowerVM Novalink update is being released to address
    Summary
    IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.
    CWE
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7280225 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM PowerVM Novalink Affected: 2.2.02.2.12.2.1.1
    Affected: 2.3.02.3.0.12.3.12.3.2
        cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*"
              ],
              "product": "PowerVM Novalink",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.02.2.12.2.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.02.3.0.12.3.12.3.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.\u003c/p\u003e"
                }
              ],
              "value": "IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-16",
                  "description": "CWE-16 Configuration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:49:41.211Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7280225"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eRemediation\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.2.1.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.2.1.1-260708\u003c/a\u003e\u003c/p\u003e\u003cp\u003eor\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.3.3\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\n\nProductVersionRemediationPowerVM Novalink\n\n2.2.1.1\n\n\n\n Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html \n\n\n\nor\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html \n\nPowerVM Novalink\n\n2.3.3\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html"
            }
          ],
          "title": "This PowerVM Novalink update is being released to address",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-14971",
        "datePublished": "2026-07-17T19:49:41.211Z",
        "dateReserved": "2026-07-07T16:36:57.998Z",
        "dateUpdated": "2026-07-17T19:49:41.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9171 (GCVE-0-2026-9171)

    Vulnerability from nvd – Published: 2026-07-17 18:26 – Updated: 2026-07-17 18:26
    VLAI
    Title
    Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.
    Summary
    IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7280226 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM PowerVM Novalink Affected: 2.2.02.2.12.2.1.1
    Affected: 2.3.02.3.0.12.3.12.3.2
        cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*"
              ],
              "product": "PowerVM Novalink",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.02.2.12.2.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.02.3.0.12.3.12.3.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.\u003c/p\u003e"
                }
              ],
              "value": "IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T18:26:10.326Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7280226"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eRemediation\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.2.1.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.2.1.1-260708\u003c/a\u003e\u003c/p\u003e\u003cp\u003eor\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.3.3\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\n\nProductVersionRemediationPowerVM Novalink\n\n2.2.1.1\n\n\n\n Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html \n\n\n\nor\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html \n\nPowerVM Novalink\n\n2.3.3\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html"
            }
          ],
          "title": "Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-9171",
        "datePublished": "2026-07-17T18:26:10.326Z",
        "dateReserved": "2026-05-21T14:37:46.761Z",
        "dateUpdated": "2026-07-17T18:26:10.326Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14971 (GCVE-0-2026-14971)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:49 – Updated: 2026-07-17 19:49
    VLAI
    Title
    This PowerVM Novalink update is being released to address
    Summary
    IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.
    CWE
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7280225 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM PowerVM Novalink Affected: 2.2.02.2.12.2.1.1
    Affected: 2.3.02.3.0.12.3.12.3.2
        cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*"
              ],
              "product": "PowerVM Novalink",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.02.2.12.2.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.02.3.0.12.3.12.3.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.\u003c/p\u003e"
                }
              ],
              "value": "IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-16",
                  "description": "CWE-16 Configuration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:49:41.211Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7280225"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eRemediation\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.2.1.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.2.1.1-260708\u003c/a\u003e\u003c/p\u003e\u003cp\u003eor\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.3.3\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\n\nProductVersionRemediationPowerVM Novalink\n\n2.2.1.1\n\n\n\n Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html \n\n\n\nor\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html \n\nPowerVM Novalink\n\n2.3.3\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html"
            }
          ],
          "title": "This PowerVM Novalink update is being released to address",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-14971",
        "datePublished": "2026-07-17T19:49:41.211Z",
        "dateReserved": "2026-07-07T16:36:57.998Z",
        "dateUpdated": "2026-07-17T19:49:41.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9171 (GCVE-0-2026-9171)

    Vulnerability from cvelistv5 – Published: 2026-07-17 18:26 – Updated: 2026-07-17 18:26
    VLAI
    Title
    Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.
    Summary
    IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7280226 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM PowerVM Novalink Affected: 2.2.02.2.12.2.1.1
    Affected: 2.3.02.3.0.12.3.12.3.2
        cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*"
              ],
              "product": "PowerVM Novalink",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.02.2.12.2.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.02.3.0.12.3.12.3.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.\u003c/p\u003e"
                }
              ],
              "value": "IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T18:26:10.326Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7280226"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eRemediation\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.2.1.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.2.1.1-260708\u003c/a\u003e\u003c/p\u003e\u003cp\u003eor\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.3.3\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\n\nProductVersionRemediationPowerVM Novalink\n\n2.2.1.1\n\n\n\n Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html \n\n\n\nor\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html \n\nPowerVM Novalink\n\n2.3.3\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html"
            }
          ],
          "title": "Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-9171",
        "datePublished": "2026-07-17T18:26:10.326Z",
        "dateReserved": "2026-05-21T14:37:46.761Z",
        "dateUpdated": "2026-07-17T18:26:10.326Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }