Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-X834-53JC-RJR9
Vulnerability from github – Published: 2024-10-07 21:33 – Updated: 2024-10-18 00:31
VLAI?
Details
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
Severity ?
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-47976"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-07T20:15:06Z",
"severity": "MODERATE"
},
"details": "Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.",
"id": "GHSA-x834-53jc-rjr9",
"modified": "2024-10-18T00:31:15Z",
"published": "2024-10-07T21:33:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47976"
},
{
"type": "WEB",
"url": "https://https://www.solidigm.com/support-page/support-security.html"
},
{
"type": "WEB",
"url": "https://www.solidigm.com/support-page/support-security.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
CVE-2024-47976 (GCVE-0-2024-47976)
Vulnerability from cvelistv5 – Published: 2024-10-07 19:15 – Updated: 2025-03-13 18:18
VLAI?
EPSS
Summary
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
Severity ?
6.7 (Medium)
CWE
- Improper Access Control Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Solidigm | DC P4510 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5500_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5500_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "2CV10C034"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5600_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5600_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "2CV10C034"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d5_p5316_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d5_p5316_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "ACV1R330"
},
{
"status": "affected",
"version": "ACV1MA10"
},
{
"status": "affected",
"version": "ACV10340"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:dc_p4510_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dc_p4510_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VDV10194"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VCV10394"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5620_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "9CV10410"
},
{
"status": "affected",
"version": "0.0.25-9CV10220"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5628_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5628_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "9CV1R410"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:dc_p4610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dc_p4610_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VCV10394"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VDV10194"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5520_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5520_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "9CV1R410"
},
{
"status": "affected",
"version": "9CV1MA70"
},
{
"status": "affected",
"version": "9CV10410"
},
{
"status": "affected",
"version": "0.0.25-9CV10220"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:dc_p4511_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dc_p4511_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VDV10194"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VCV10394"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d5_p4320_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d5_p4320_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VDV10194"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VCV10394"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d5_p4326_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d5_p4326_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VCV10394"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VDV10194"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5510_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5510_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "JCV10404"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T16:13:07.020338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T18:18:16.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DC P4510",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DC P4610",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VCV10394"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VDV10194"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5500",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "2CV10C034"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5600",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "2CV10C034"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P5316",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "ACV1R330"
},
{
"status": "unaffected",
"version": "ACV1MA10"
},
{
"status": "unaffected",
"version": "ACV10340"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5520",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "9CV1R410"
},
{
"status": "unaffected",
"version": "9CV1MA70"
},
{
"status": "unaffected",
"version": "9CV10410"
},
{
"status": "unaffected",
"version": "0.0.25-9CV10220"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5620",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "9CV10410"
},
{
"status": "unaffected",
"version": "0.0.25-9CV10220"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DC P4511",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P4320",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P4326",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VCV10394"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VDV10194"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5510",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "JCV10404"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5628",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "9CV1R410"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control Management",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T19:14:40.593Z",
"orgId": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"shortName": "Solidigm"
},
"references": [
{
"url": "https://www.solidigm.com/support-page/support-security.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"assignerShortName": "Solidigm",
"cveId": "CVE-2024-47976",
"datePublished": "2024-10-07T19:15:13.415Z",
"dateReserved": "2024-10-07T18:03:19.842Z",
"dateUpdated": "2025-03-13T18:18:16.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…