CVE-2024-45656

CRITICAL EPSS 34.7%
Published Oct 29, 20241y ago · Modified Jun 17, 20262w ago
9.8 CVSS 3.1
Critical
Find Similar
Published Oct 29, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
34.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-798 Use of Hard-coded Credentials Authentication

Affected Products 58

VendorProductVersionRange
ibmpower_system_e1080_\(9080-hex\)_firmware*≥FW1030.00  –  ≤FW1030.61
ibmpower_system_e1080_\(9080-hex\)_firmware*≥FW1050.00  –  ≤FW1050.21
ibmpower_system_e1080_\(9080-hex\)_firmware*≥FW1060.00  –  ≤FW1060.10
ibmpower_system_e1080_\(9080-hex\)*any
ibmpower_system_l922_\(9008-22l\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_l922_\(9008-22l\)*any
ibmpower_system_s922_\(9009-22a\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_s922_\(9009-22a\)*any
ibmpower_system_s922_\(9009-22g\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_s922_\(9009-22g\)*any
ibmpower_system_h922_\(9223-22h\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_h922_\(9223-22h\)*any
ibmpower_system_h922_\(9223-22s\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_h922_\(9223-22s\)*any
ibmpower_system_s914_\(9009-41a\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_s914_\(9009-41a\)*any
ibmpower_system_s914_\(9009-41g\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_s914_\(9009-41g\)*any
ibmpower_system_s924_\(9009-42a\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_s924_\(9009-42a\)*any
ibmpower_system_s924_\(9009-42g\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_s924_\(9009-42g\)*any
ibmpower_system_h924_\(9223-42h\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_h924_\(9223-42h\)*any
ibmpower_system_h924_\(9223-42s\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_h924_\(9223-42s\)*any
ibmpower_system_e950_\(9040-mr9\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_e950_\(9040-mr9\)*any
ibmpower_system_e980_\(9080-m9s\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmpower_system_e980_\(9080-m9s\)*any
ibmess_5000_\(5105-22e\)_firmware*≥FW950.00  –  ≤FW950.C0
ibmess_5000_\(5105-22e\)*any
ibmpower_system_s812_\(8284-21a\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s812_\(8284-21a\)*any
ibmpower_system_s822_\(8284-22a\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s822_\(8284-22a\)*any
ibmpower_system_s814_\(8286-41a\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s814_\(8286-41a\)*any
ibmpower_system_s824_\(8286-42a\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s824_\(8286-42a\)*any
ibmpower_system_s812l_\(8247-21l\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s812l_\(8247-21l\)*any
ibmpower_system_s822l_\(8247-22l\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s822l_\(8247-22l\)*any
ibmpower_system_s824l_\(8247-42l\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_s824l_\(8247-42l\)*any
ibmpower_system_e850_\(8408-e8e\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_e850_\(8408-e8e\)*any
ibmpower_system_e850c_\(8408-44e\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_e850c_\(8408-44e\)*any
ibmpower_system_e870_\(9119-mme\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_e870_\(9119-mme\)*any
ibmpower_system_e880_\(9119-mhe\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_e880_\(9119-mhe\)*any
ibmpower_system_e870c_\(9080-mme\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_e870c_\(9080-mme\)*any
ibmpower_system_e880c_\(9080-mhe\)_firmware*≥FW860.00  –  ≤FW860.B3
ibmpower_system_e880c_\(9080-mhe\)*any

References 1

  • ibm.com https://www.ibm.com/support/pages/node/7174183
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.