CVE-2024-45656— IBM Flexible Service Processor hard coded credentials

CVSS 9.8 · Critical EPSS 0.15% · P36 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-45656

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

IBM Flexible Service Processor hard coded credentials

Source: NVD (National Vulnerability Database)

Vulnerability Description

IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

使用硬编码的凭证

Source: NVD (National Vulnerability Database)

Vulnerability Title

IBM Flexible Service Processor 信任管理问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

IBM Flexible Service Processor（IBM FSP）是美国国际商业机器（IBM）公司的一系列灵活服务处理器。 IBM Flexible Service Processor存在信任管理问题漏洞，该漏洞源于具有静态凭证，可能允许网络用户获得 FSP 的服务特权。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
IBM	Flexible Service Processor	FW860.00 ~ FW860.B3	`cpe:2.3:o:ibm:power9_system_firmware:fw1060.00:::::::*`

II. Public POCs for CVE-2024-45656

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-45656

请登录查看更多情报信息。

IV. Related Vulnerabilities

Same vendor: IBM

Same weakness: CWE-798

V. Comments for CVE-2024-45656

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-45656— IBM Flexible Service Processor hard coded credentials

I. Basic Information for CVE-2024-45656

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2024-45656

III. Intelligence Information for CVE-2024-45656

IV. Related Vulnerabilities

V. Comments for CVE-2024-45656

Leave a comment