Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| IBM | Power Hardware Management Console | unaffected |
|
Configuration 1 [-]
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Ibm | Power Hardware Management Console | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-53172 | IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. |
| Link | Providers |
|---|---|
| https://www.ibm.com/support/pages/node/7183224 |
|
Mon, 18 Aug 2025 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:ibm:power_hardware_management_console:10.3.1060.0:sp1:*:*:*:*:x64:* cpe:2.3:a:ibm:power_hardware_management_console:10.3.1060.0:sp1:*:*:*:*:x86:* |
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Fri, 14 Feb 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 14 Feb 2025 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | |
| Title | IBM Power Hardware Management Console directory traversal | |
| Weaknesses | CWE-22 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-02-14T14:56:48.942Z
Reserved: 2024-12-26T12:51:40.265Z
Link: CVE-2024-56477
Vulnrichment
Updated: 2025-02-14T14:56:38.732Z
NVD
Status : Analyzed
Published: 2025-02-14T15:15:11.887
Modified: 2025-08-18T18:15:31.937
Link: CVE-2024-56477
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-07-13T11:15:14Z