CVE-2024-39723

Summary

IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935.

Affected Software

VendorProductVersion RangeStatus
IBMStorage Virtualize8.6affected

Weaknesses

  • CWE-1299: CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References