CVE-2024-45094

IBM DS8900F and DS8A00 Hardware Management Console (HMC) cross-site scripting

Description

IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

INFO

Published Date :

2025-05-27T22:41:38.125Z

Last Modified :

2025-08-26T15:03:31.720Z

Source :

ibm

AFFECTED PRODUCTS

The following products are affected by CVE-2024-45094 vulnerability.

Vendors	Products
Ibm	Ds8900f Firmware Hardware Management Console R10.0 Hardware Management Console R10.0 Firmware Hardware Management Console R9.3 Hardware Management Console R9.3 Firmware Hardware Management Console R9.4 Hardware Management Console R9.4 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45094.

URL	Resource
https://www.ibm.com/support/pages/node/7234276

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact