CVE-2024-45656
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Flexible Service Processor | FW860.00 <= FW860.B3 | affected |
| IBM | Flexible Service Processor | FW950.00 <= FW950.C0 | affected |
| IBM | Flexible Service Processor | FW1030.00 <= FW1030.61 | affected |
| IBM | Flexible Service Processor | FW1050.00 <= FW1050.21 | affected |
| IBM | Flexible Service Processor | FW1060.00 <= FW1060.10 | affected |
Weaknesses
- CWE-798: CWE-798 Use of Hard-coded Credentials
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.