CVE-2024-45656
CRITICALIBM Power System E1080 (9080-hex) Firmware - Hard-coded Credentials
Title source: ruleDescription
IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.
References (1)
Core 1
Core References
Vendor Advisory
https://www.ibm.com/support/pages/node/7174183
Scores
CVSS v3
9.8
EPSS
0.0015
EPSS Percentile
35.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-798
Status
published
Products (28)
ibm/ess_5000_\(5105-22e\)_firmware
FW950.00 - FW950.C0
ibm/power_system_e1080_\(9080-hex\)_firmware
FW1030.00 - FW1030.61
ibm/power_system_e850_\(8408-e8e\)_firmware
FW860.00 - FW860.B3
ibm/power_system_e850c_\(8408-44e\)_firmware
FW860.00 - FW860.B3
ibm/power_system_e870_\(9119-mme\)_firmware
FW860.00 - FW860.B3
ibm/power_system_e870c_\(9080-mme\)_firmware
FW860.00 - FW860.B3
ibm/power_system_e880_\(9119-mhe\)_firmware
FW860.00 - FW860.B3
ibm/power_system_e880c_\(9080-mhe\)_firmware
FW860.00 - FW860.B3
ibm/power_system_e950_\(9040-mr9\)_firmware
FW950.00 - FW950.C0
ibm/power_system_e980_\(9080-m9s\)_firmware
FW950.00 - FW950.C0
... and 18 more
Published
Oct 29, 2024
Tracked Since
Feb 18, 2026