Vulnerability Details CVE-2024-56477
IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2024-56477
-
cpe:2.3:a:ibm:power_hardware_management_console:10.3.1060.0