Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-X834-53JC-RJR9
Vulnerability from github – Published: 2024-10-07 21:33 – Updated: 2024-10-18 00:31
VLAI
Details
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
Severity
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-47976"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-07T20:15:06Z",
"severity": "MODERATE"
},
"details": "Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.",
"id": "GHSA-x834-53jc-rjr9",
"modified": "2024-10-18T00:31:15Z",
"published": "2024-10-07T21:33:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47976"
},
{
"type": "WEB",
"url": "https://https://www.solidigm.com/support-page/support-security.html"
},
{
"type": "WEB",
"url": "https://www.solidigm.com/support-page/support-security.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
CVE-2024-47976 (GCVE-0-2024-47976)
Vulnerability from cvelistv5 – Published: 2024-10-07 19:15 – Updated: 2025-03-13 18:18
VLAI
EPSS
VEX
Summary
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Improper Access Control Management
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| Solidigm | DC P4510 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | DC P4610 |
Unaffected:
VCV10394
Unaffected: VEV10294 Unaffected: VDV10194 |
|
| Solidigm | D7-P5500 |
Unaffected:
2CV10C034
|
|
| Solidigm | D7-P5600 |
Unaffected:
2CV10C034
|
|
| Solidigm | D5-P5316 |
Unaffected:
ACV1R330
Unaffected: ACV1MA10 Unaffected: ACV10340 |
|
| Solidigm | D7-P5520 |
Unaffected:
9CV1R410
Unaffected: 9CV1MA70 Unaffected: 9CV10410 Unaffected: 0.0.25-9CV10220 |
|
| Solidigm | D7-P5620 |
Unaffected:
9CV10410
Unaffected: 0.0.25-9CV10220 |
|
| Solidigm | DC P4511 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | D5-P4320 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | D5-P4326 |
Unaffected:
VCV10394
Unaffected: VEV10294 Unaffected: VDV10194 |
|
| Solidigm | D7-P5510 |
Unaffected:
JCV10404
|
|
| Solidigm | D7-P5628 |
Unaffected:
9CV1R410
|
|
| solidigm | d7_p5500_firmware |
Affected:
2CV10C034
cpe:2.3:o:solidigm:d7_p5500_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d7_p5600_firmware |
Affected:
2CV10C034
cpe:2.3:o:solidigm:d7_p5600_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d5_p5316_firmware |
Affected:
ACV1R330
Affected: ACV1MA10 Affected: ACV10340 cpe:2.3:o:solidigm:d5_p5316_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | dc_p4510_firmware |
Affected:
VDV10194
Affected: VEV10294 Affected: VCV10394 cpe:2.3:o:solidigm:dc_p4510_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d7_p5620_firmware |
Affected:
9CV10410
Affected: 0.0.25-9CV10220 cpe:2.3:o:solidigm:d7_p5620_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d7_p5628_firmware |
Affected:
9CV1R410
cpe:2.3:o:solidigm:d7_p5628_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | dc_p4610_firmware |
Affected:
VCV10394
Affected: VEV10294 Affected: VDV10194 cpe:2.3:o:solidigm:dc_p4610_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d7_p5520_firmware |
Affected:
9CV1R410
Affected: 9CV1MA70 Affected: 9CV10410 Affected: 0.0.25-9CV10220 cpe:2.3:o:solidigm:d7_p5520_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | dc_p4511_firmware |
Affected:
VDV10194
Affected: VEV10294 Affected: VCV10394 cpe:2.3:o:solidigm:dc_p4511_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d5_p4320_firmware |
Affected:
VDV10194
Affected: VEV10294 Affected: VCV10394 cpe:2.3:o:solidigm:d5_p4320_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d5_p4326_firmware |
Affected:
VCV10394
Affected: VEV10294 Affected: VDV10194 cpe:2.3:o:solidigm:d5_p4326_firmware:*:*:*:*:*:*:*:* |
|
| solidigm | d7_p5510_firmware |
Affected:
JCV10404
cpe:2.3:o:solidigm:d7_p5510_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5500_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5500_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "2CV10C034"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5600_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5600_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "2CV10C034"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d5_p5316_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d5_p5316_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "ACV1R330"
},
{
"status": "affected",
"version": "ACV1MA10"
},
{
"status": "affected",
"version": "ACV10340"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:dc_p4510_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dc_p4510_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VDV10194"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VCV10394"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5620_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "9CV10410"
},
{
"status": "affected",
"version": "0.0.25-9CV10220"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5628_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5628_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "9CV1R410"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:dc_p4610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dc_p4610_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VCV10394"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VDV10194"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5520_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5520_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "9CV1R410"
},
{
"status": "affected",
"version": "9CV1MA70"
},
{
"status": "affected",
"version": "9CV10410"
},
{
"status": "affected",
"version": "0.0.25-9CV10220"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:dc_p4511_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dc_p4511_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VDV10194"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VCV10394"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d5_p4320_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d5_p4320_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VDV10194"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VCV10394"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d5_p4326_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d5_p4326_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "VCV10394"
},
{
"status": "affected",
"version": "VEV10294"
},
{
"status": "affected",
"version": "VDV10194"
}
]
},
{
"cpes": [
"cpe:2.3:o:solidigm:d7_p5510_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d7_p5510_firmware",
"vendor": "solidigm",
"versions": [
{
"status": "affected",
"version": "JCV10404"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T16:13:07.020338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T18:18:16.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DC P4510",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DC P4610",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VCV10394"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VDV10194"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5500",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "2CV10C034"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5600",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "2CV10C034"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P5316",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "ACV1R330"
},
{
"status": "unaffected",
"version": "ACV1MA10"
},
{
"status": "unaffected",
"version": "ACV10340"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5520",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "9CV1R410"
},
{
"status": "unaffected",
"version": "9CV1MA70"
},
{
"status": "unaffected",
"version": "9CV10410"
},
{
"status": "unaffected",
"version": "0.0.25-9CV10220"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5620",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "9CV10410"
},
{
"status": "unaffected",
"version": "0.0.25-9CV10220"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DC P4511",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P4320",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P4326",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VCV10394"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VDV10194"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5510",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "JCV10404"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D7-P5628",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "9CV1R410"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control Management",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T19:14:40.593Z",
"orgId": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"shortName": "Solidigm"
},
"references": [
{
"url": "https://www.solidigm.com/support-page/support-security.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"assignerShortName": "Solidigm",
"cveId": "CVE-2024-47976",
"datePublished": "2024-10-07T19:15:13.415Z",
"dateReserved": "2024-10-07T18:03:19.842Z",
"dateUpdated": "2025-03-13T18:18:16.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…