CVE-2024-39723

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39723
IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935.

4.6 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 3.6

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/7159333 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/7159333 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:storage_virtualize:8.6:*:*:*:*:*:*:*
History

21 Nov 2024, 09:28

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - VDB Entry, Vendor Advisory () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7159333 - Vendor Advisory () https://www.ibm.com/support/pages/node/7159333 - Vendor Advisory

11 Jul 2024, 14:54

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7159333 - () https://www.ibm.com/support/pages/node/7159333 - Vendor Advisory
First Time Ibm
Ibm storage Virtualize
CWE CWE-287
CPE cpe:2.3:a:ibm:storage_virtualize:8.6:*:*:*:*:*:*:*

08 Jul 2024, 15:49

Type Values Removed Values Added
Summary
  • (es) Los puertos USB de IBM FlashSystem 5300 se pueden utilizar incluso si el administrador ha desactivado el puerto. Un usuario con acceso físico al sistema podría utilizar el puerto USB para provocar la pérdida de acceso a los datos. ID de IBM X-Force: 295935.

08 Jul 2024, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-08 01:15

Updated : 2024-11-21 09:28

NVD link : CVE-2024-39723

Mitre link : CVE-2024-39723

CVE.ORG link : CVE-2024-39723

JSON object : View

Products Affected

ibm

  • storage_virtualize
CWE
CWE-1299

Missing Protection Mechanism for Alternate Hardware Interface

CWE-287

Improper Authentication


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024