CVE-2024-54009 MEDIUM

CVE-2024-54009

Vendor Hewlett Packard Enterprise (Hpe)

Product HPE Alletra Storage MP B10000

Weakness CWE-200 · Info exposure

Published December 19, 2024

Last update December 20, 2024

View on NVD All CVEs

CVSS base score

4.0/10

Attack vector Local

Attack complexity High

Privileges required High

User interaction Required

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could be remotely exploited to allow disclosure of information.

Key dates

02Disclosure timeline

December 19, 2024 CVE published

December 20, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-54009 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

Identifiers

CVE CVE-2024-54009

CWE CWE-200

CVSS 4.0 / MEDIUM

Affected versions