No advisories yet.
Solution
IBM strongly recommends addressing the vulnerability now by upgrading based on the table below. ProductVersionRemediationPowerVM Novalink 2.2.1.1 Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html or Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html PowerVM Novalink 2.3.3 Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html
Workaround
No workaround given by the vendor.
| Link | Providers |
|---|---|
| https://www.ibm.com/support/pages/node/7280225 |
|
Fri, 17 Jul 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions. | |
| Title | This PowerVM Novalink update is being released to address | |
| First Time appeared |
Ibm
Ibm powervm Novalink |
|
| Weaknesses | CWE-16 | |
| CPEs | cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:* |
|
| Vendors & Products |
Ibm
Ibm powervm Novalink |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2026-07-17T19:49:41.211Z
Reserved: 2026-07-07T16:36:57.998Z
Link: CVE-2026-14971
No data.
No data.
No data.
OpenCVE Enrichment
No data.