CVE-2024-45656
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: psirt@us.ibm.com (Secondary)
Description
IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.
Affected (30)
Products: Ibm: Power System E1080 (9080 Hex) Firmware, Power System L922 (9008 22l) Firmware, Power System S922 (9009 22a) Firmware, Power System S922 (9009 22g) Firmware, Power System H922 (9223 22h) Firmware, Power System H922 (9223 22s) Firmware, Power System S914 (9009 41a) Firmware, Power System S914 (9009 41g) Firmware, Power System S924 (9009 42a) Firmware, Power System S924 (9009 42g) Firmware, Power System H924 (9223 42h) Firmware, Power System H924 (9223 42s) Firmware, Power System E950 (9040 Mr9) Firmware, Power System E980 (9080 M9s) Firmware, Ess 5000 (5105 22e) Firmware, Power System S812 (8284 21a) Firmware, Power System S822 (8284 22a) Firmware, Power System S814 (8286 41a) Firmware, Power System S824 (8286 42a) Firmware, Power System S812l (8247 21l) Firmware, Power System S822l (8247 22l) Firmware, Power System S824l (8247 42l) Firmware, Power System E850 (8408 E8e) Firmware, Power System E850c (8408 44e) Firmware, Power System E870 (9119 Mme) Firmware, Power System E880 (9119 Mhe) Firmware, Power System E870c (9080 Mme) Firmware, Power System E880c (9080 Mhe) Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From FW1030.00 to FW1030.61 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E1080 (9080 Hex) | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System L922 (9008 22l) | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S922 (9009 22a) | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S922 (9009 22g) | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System H922 (9223 22h) | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System H922 (9223 22s) | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S914 (9009 41a) | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S914 (9009 41g) | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S924 (9009 42a) | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S924 (9009 42g) | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System H924 (9223 42h) | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System H924 (9223 42s) | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E950 (9040 Mr9) | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E980 (9080 M9s) | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| From FW950.00 to FW950.C0 |
| Running on/with | Platform Versions |
|---|---|
Ibm Ess 5000 (5105 22e) | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S812 (8284 21a) | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S822 (8284 22a) | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S814 (8286 41a) | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S824 (8286 42a) | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S812l (8247 21l) | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S822l (8247 22l) | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System S824l (8247 42l) | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E850 (8408 E8e) | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E850c (8408 44e) | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E870 (9119 Mme) | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E880 (9119 Mhe) | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E870c (9080 Mme) | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From FW860.00 to FW860.B3 |
| Running on/with | Platform Versions |
|---|---|
Ibm Power System E880c (9080 Mhe) | All versions |
References (1)
Timeline
No history available yet.