5.9
CVE-2024-41781
- EPSS 0.08%
- Published 22.11.2024 12:15:19
- Last modified 15.08.2025 17:33:18
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Powervm Hypervisor Version >= fw950.00 <= fw950.b0
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Powervm Hypervisor Version >= fw1030.00 <= fw1030.60
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Powervm Hypervisor Version >= fw1050.00 <= fw1050.20
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Powervm Hypervisor Version >= fw1060.00 <= fw1060.10
Ibm ≫ Power System E950 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Ibm ≫ Power System E980 Version-
Ibm ≫ Power System H922 Version-
Ibm ≫ Power System H924 Version-
Ibm ≫ Power System L922 Version-
Ibm ≫ Power System S914 Version-
Ibm ≫ Power System S922 Version-
Ibm ≫ Power System S924 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.238 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.1 | 0.7 | 4 |
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
|
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.