CVE-2024-45656

IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7174183

Configurations

No configuration.

History

29 Oct 2024, 14:34

Type	Values Removed	Values Added
Summary		(es) IBM Flexible Service Processor (FSP) FW860.00 a FW860.B3, FW950.00 a FW950.C0, FW1030.00 a FW1030.61, FW1050.00 a FW1050.21 y FW1060.00 a FW1060.10 tienen credenciales estáticas que pueden permitir a los usuarios de la red obtener privilegios de servicio para el FSP.

29 Oct 2024, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-29 01:15

Updated : 2024-10-29 14:34

NVD link : CVE-2024-45656

Mitre link : CVE-2024-45656

CVE.ORG link : CVE-2024-45656

JSON object : View

Products Affected

No product.

CWE

CWE-798

Use of Hard-coded Credentials

9.8 /10