Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM56B1198978BD4D9889C95E44C64F0F64D357E8208DFA84A1BDE1026F69A02FA1
HistoryAug 06, 2024 - 10:31 p.m.

Security Bulletin: This Power System update is being released to address CVE-2024-35124

2024-08-0622:31:36
www.ibm.com
5
power system
openbmc
vulnerability
fw versions
network security
user management
firewall

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

32.5%

JSON

Summary

The BMC is vulnerable during the time it is connected to the network and does not yet have its “admin” account password set.

Vulnerability Details

CVEID:CVE-2024-35124
**DESCRIPTION:**During OpenBMC new installation, an attacker with network access gain administrative access even if the initial password is not set.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/290674 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
OPENBMC FW1050.00 - FW1050.10
OPENBMC FW1030.00 - FW1030.50
OPENBMC FW1020.00 - FW1020.60

Remediation/Fixes

Customers with the products below should install FW1020.70(1020_120), FW1030.51(1030_089), FW1050.12(1050_075), or newer to remediate this vulnerability.

Power 10

  1. IBM Power System S1022 (9105-22A)
  2. IBM Power System S1024 (9105-42A)
  3. IBM Power System S1022s (9105-22B)
  4. IBM Power System S1014 (9105-41B)
  5. IBM Power System L1022 (9786-22H)
  6. IBM Power System L1024 (9786-42H)
  7. IBM Power System E1050 (9043-MRX)

The images mentioned above can be located at IBM Fix Central: <https://www.ibm.com/support/fixcentral/&gt;

Workarounds and Mitigations

Install and operate the eBMC system on a private network or public network that is behind a firewall.

Immediately after you plug the eBMC system into the network, login to the default admin account of the eBMC system and set the password. You can complete this task by using the eBMC web-based Advanced System Management Interface (ASMI) GUI.

To detect if this problem happened, look on the BMC for administrator accounts you do not recognize and look for any sessions you do not recognize. Please note for BMCs managed by Hardware Management Consoles (HMC), it is normal for the HMCs to have a BMC session using the “admin” account.

To mitigate this issue, remove any unwanted BMC administrator accounts (being careful to keep your “admin” account) and remove any BMC sessions you do not recognize. Please note that if your BMC is managed by Hardware Management Console (HMC), it is normal for HMCs to re-establish any lost BMC sessions.

You can use the BMC’s ASMi web application to perform these tasks:
- Menu item: Security and access > HMC and user sessions
- Menu item: Security and access > User management

Related

cvelist 1
nvd 1
vulnrichment 1
cve 1
cvelist
cvelist
CVE-2024-35124 IBM OpenBMC authentication bypass
2024-08-13 11:14:40
nvd
nvd
CVE-2024-35124
2024-08-13 12:15:06
vulnrichment
vulnrichment
CVE-2024-35124 IBM OpenBMC authentication bypass
2024-08-13 11:14:40
cve
cve
CVE-2024-35124
2024-08-13 12:15:06

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

32.5%

JSON
Related for 56B1198978BD4D9889C95E44C64F0F64D357E8208DFA84A1BDE1026F69A02FA1
cvelist1nvd1vulnrichment1cve1