VYPR
Unrated severityNVD Advisory· Published May 27, 2025· Updated Aug 26, 2025

IBM DS8900F and DS8A00 Hardware Management Console (HMC) cross-site scripting

CVE-2024-45094

Description

IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Hardware Management Consolecpe-rescue2 versions
    cpe:2.3:o:ibm:ds8900f_firmware:89.33.45.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:ibm:ds8900f_firmware:89.33.45.0:*:*:*:*:*:*:*range: DS8900F
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.