Back to overview

CVE-2026-14971

LOW
3.9
CVSS 3.1
Description
IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.

Metadata

CVE ID
CVE-2026-14971
State
PUBLISHED
Assigner
ibm
Reserved
2026-07-07 16:36 UTC
Published
2026-07-17 19:49 UTC
Last updated
2026-07-17 19:49 UTC
Primary CWE
CWE-16
CWE-16 Configuration
Vendor / Product
IBM / PowerVM Novalink
Sources
cve.org  ·  NVD

Severity & Metrics

3.9 LOW CVSS 3.1
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
Affected products (1)
VendorProductPlatformVersions
IBM PowerVM Novalink 2.2.02.2.12.2.1.1, 2.3.02.3.0.12.3.12.3.2
Weakness (CWE)
CWESourceDescription
CWE-16 cna CWE-16 Configuration
CVSS scores (1)
ScoreSeverityVersionSourceVector
3.9 LOW 3.1 cna CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
Back to overview