9.8

CVE-2024-45656

EPSS 0.11%
Veröffentlicht 29.10.2024 01:15:03
Zuletzt bearbeitet 03.12.2025 18:14:19
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Power System E1080 (9080-hex) Firmware Version >= FW1030.00 <= FW1030.61

Ibm ≫ Power System E1080 (9080-hex) Version-

Ibm ≫ Power System E1080 (9080-hex) Firmware Version >= FW1050.00 <= FW1050.21

Ibm ≫ Power System E1080 (9080-hex) Version-

Ibm ≫ Power System E1080 (9080-hex) Firmware Version >= FW1060.00 <= FW1060.10

Ibm ≫ Power System E1080 (9080-hex) Version-

Ibm ≫ Power System L922 (9008-22l) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S922 (9009-22a) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S922 (9009-22g) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S922 (9009-22g) Version-

Ibm ≫ Power System H922 (9223-22h) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System H922 (9223-22s) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System H922 (9223-22s) Version-

Ibm ≫ Power System S914 (9009-41a) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S914 (9009-41g) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S914 (9009-41g) Version-

Ibm ≫ Power System S924 (9009-42a) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S924 (9009-42g) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System S924 (9009-42g) Version-

Ibm ≫ Power System H924 (9223-42h) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System H924 (9223-42s) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System H924 (9223-42s) Version-

Ibm ≫ Power System E950 (9040-mr9) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System E950 (9040-mr9) Version-

Ibm ≫ Power System E980 (9080-m9s) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Power System E980 (9080-m9s) Version-

Ibm ≫ Ess 5000 (5105-22e) Firmware Version >= FW950.00 <= FW950.C0

Ibm ≫ Ess 5000 (5105-22e) Version-

Ibm ≫ Power System S812 (8284-21a) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S812 (8284-21a) Version-

Ibm ≫ Power System S822 (8284-22a) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S822 (8284-22a) Version-

Ibm ≫ Power System S814 (8286-41a) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S814 (8286-41a) Version-

Ibm ≫ Power System S824 (8286-42a) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S824 (8286-42a) Version-

Ibm ≫ Power System S812l (8247-21l) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S812l (8247-21l) Version-

Ibm ≫ Power System S822l (8247-22l) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S822l (8247-22l) Version-

Ibm ≫ Power System S824l (8247-42l) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System S824l (8247-42l) Version-

Ibm ≫ Power System E850 (8408-e8e) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System E850 (8408-e8e) Version-

Ibm ≫ Power System E850c (8408-44e) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System E850c (8408-44e) Version-

Ibm ≫ Power System E870 (9119-mme) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System E870 (9119-mme) Version-

Ibm ≫ Power System E880 (9119-mhe) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System E880 (9119-mhe) Version-

Ibm ≫ Power System E870c (9080-mme) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System E870c (9080-mme) Version-

Ibm ≫ Power System E880c (9080-mhe) Firmware Version >= FW860.00 <= FW860.B3

Ibm ≫ Power System E880c (9080-mhe) Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.306

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@us.ibm.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.ibm.com/support/pages/node/7174183

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-45656

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-45656

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-45656

EUVD