CVE-2024-39723

IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:storage_virtualize:8.6:*:*:*:*:*:*:*

History

21 Nov 2024, 09:28

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - VDB Entry, Vendor Advisory () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7159333 - Vendor Advisory () https://www.ibm.com/support/pages/node/7159333 - Vendor Advisory

11 Jul 2024, 14:54

Type Values Removed Values Added
CPE cpe:2.3:a:ibm:storage_virtualize:8.6:*:*:*:*:*:*:*
First Time Ibm
Ibm storage Virtualize
CWE CWE-287
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/295935 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7159333 - () https://www.ibm.com/support/pages/node/7159333 - Vendor Advisory

08 Jul 2024, 15:49

Type Values Removed Values Added
Summary
  • (es) Los puertos USB de IBM FlashSystem 5300 se pueden utilizar incluso si el administrador ha desactivado el puerto. Un usuario con acceso físico al sistema podría utilizar el puerto USB para provocar la pérdida de acceso a los datos. ID de IBM X-Force: 295935.

08 Jul 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-08 01:15

Updated : 2024-11-21 09:28


NVD link : CVE-2024-39723

Mitre link : CVE-2024-39723

CVE.ORG link : CVE-2024-39723


JSON object : View

Products Affected

ibm

  • storage_virtualize
CWE
CWE-1299

Missing Protection Mechanism for Alternate Hardware Interface

CWE-287

Improper Authentication