5.9
CVE-2024-41781
- EPSS 0.08%
- Veröffentlicht 22.11.2024 12:15:19
- Zuletzt bearbeitet 15.08.2025 17:33:18
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Powervm Hypervisor Version >= fw950.00 <= fw950.b0
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Powervm Hypervisor Version >= fw1030.00 <= fw1030.60
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Powervm Hypervisor Version >= fw1050.00 <= fw1050.20
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Powervm Hypervisor Version >= fw1060.00 <= fw1060.10
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.238 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.1 | 0.7 | 4 |
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
|
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.