CVE-2024-39723 MEDIUM

CVE-2024-39723: IBM FlashSystem denial of service

Vendor Ibm
Product Storage Virtualize
Weakness CWE-1299
Published July 8, 2024
Last update August 2, 2024

CVSS base score

4.6/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935.

Key dates

02Disclosure timeline

July 8, 2024 CVE published
August 2, 2024 Record updated