CVE-2024-47968 (GCVE-0-2024-47968)
Vulnerability from cvelistv5 – Published: 2024-10-07 21:19 – Updated: 2024-12-11 19:11
VLAI
EPSS
VEX
Summary
Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- General Race Condition
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Solidigm | DC P4510 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | DC P4610 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | DC P4511 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | D5-P4320 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
|
| Solidigm | D5-P4326 |
Unaffected:
VDV10194
Unaffected: VEV10294 Unaffected: VCV10394 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47968",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T13:19:59.013014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T13:10:06.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DC P4510",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DC P4610",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DC P4511",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P4320",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D5-P4326",
"vendor": "Solidigm",
"versions": [
{
"status": "unaffected",
"version": "VDV10194"
},
{
"status": "unaffected",
"version": "VEV10294"
},
{
"status": "unaffected",
"version": "VCV10394"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "General Race Condition",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T19:11:54.542Z",
"orgId": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"shortName": "Solidigm"
},
"references": [
{
"url": "https://https://www.solidigm.com/support-page/support-security.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"assignerShortName": "Solidigm",
"cveId": "CVE-2024-47968",
"datePublished": "2024-10-07T21:19:38.965Z",
"dateReserved": "2024-10-07T18:03:19.840Z",
"dateUpdated": "2024-12-11T19:11:54.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-47968",
"date": "2026-07-12",
"epss": "0.001",
"percentile": "0.01065"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.\"}, {\"lang\": \"es\", \"value\": \"El cierre inadecuado de recursos en medio de ciertas operaciones en algunos productos de Solidigm DC puede permitir que un atacante habilite potencialmente la denegaci\\u00f3n de servicio.\"}]",
"id": "CVE-2024-47968",
"lastModified": "2024-10-31T13:35:11.047",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 3.6}]}",
"published": "2024-10-07T22:15:04.480",
"references": "[{\"url\": \"https://https://www.solidigm.com/support-page/support-security.html\", \"source\": \"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\"}]",
"sourceIdentifier": "f946a70c-00eb-42ce-8e9b-634d1f7b5a6f",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-362\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-47968\",\"sourceIdentifier\":\"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\",\"published\":\"2024-10-07T22:15:04.480\",\"lastModified\":\"2026-06-17T07:58:04.257\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.\"},{\"lang\":\"es\",\"value\":\"El cierre inadecuado de recursos en medio de ciertas operaciones en algunos productos de Solidigm DC puede permitir que un atacante habilite potencialmente la denegaci\u00f3n de servicio.\"}],\"affected\":[{\"source\":\"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\",\"affectedData\":[{\"vendor\":\"Solidigm\",\"product\":\"DC P4510\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"VDV10194\",\"status\":\"unaffected\"},{\"version\":\"VEV10294\",\"status\":\"unaffected\"},{\"version\":\"VCV10394\",\"status\":\"unaffected\"}]},{\"vendor\":\"Solidigm\",\"product\":\"DC P4610\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"VDV10194\",\"status\":\"unaffected\"},{\"version\":\"VEV10294\",\"status\":\"unaffected\"},{\"version\":\"VCV10394\",\"status\":\"unaffected\"}]},{\"vendor\":\"Solidigm\",\"product\":\"DC P4511\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"VDV10194\",\"status\":\"unaffected\"},{\"version\":\"VEV10294\",\"status\":\"unaffected\"},{\"version\":\"VCV10394\",\"status\":\"unaffected\"}]},{\"vendor\":\"Solidigm\",\"product\":\"D5-P4320\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"VDV10194\",\"status\":\"unaffected\"},{\"version\":\"VEV10294\",\"status\":\"unaffected\"},{\"version\":\"VCV10394\",\"status\":\"unaffected\"}]},{\"vendor\":\"Solidigm\",\"product\":\"D5-P4326\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"VDV10194\",\"status\":\"unaffected\"},{\"version\":\"VEV10294\",\"status\":\"unaffected\"},{\"version\":\"VCV10394\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-10-08T13:19:59.013014Z\",\"id\":\"CVE-2024-47968\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"references\":[{\"url\":\"https://https://www.solidigm.com/support-page/support-security.html\",\"source\":\"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\"}]}}",
"redhat_vex": {
"current_release_date": "2025-05-28T21:27:57+00:00",
"cve": "CVE-2024-47968",
"id": "CVE-2024-47968",
"initial_release_date": "2024-01-01T00:00:00+00:00",
"product_status:known_not_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "CVE-2024-47968",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-47968.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47968\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-08T13:19:59.013014Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-362\", \"description\": \"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-08T13:31:17.931Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Denial of Service\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Solidigm\", \"product\": \"DC P4510\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"VDV10194\"}, {\"status\": \"unaffected\", \"version\": \"VEV10294\"}, {\"status\": \"unaffected\", \"version\": \"VCV10394\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Solidigm\", \"product\": \"DC P4610\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"VDV10194\"}, {\"status\": \"unaffected\", \"version\": \"VEV10294\"}, {\"status\": \"unaffected\", \"version\": \"VCV10394\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Solidigm\", \"product\": \"DC P4511\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"VDV10194\"}, {\"status\": \"unaffected\", \"version\": \"VEV10294\"}, {\"status\": \"unaffected\", \"version\": \"VCV10394\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Solidigm\", \"product\": \"D5-P4320\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"VDV10194\"}, {\"status\": \"unaffected\", \"version\": \"VEV10294\"}, {\"status\": \"unaffected\", \"version\": \"VCV10394\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Solidigm\", \"product\": \"D5-P4326\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"VDV10194\"}, {\"status\": \"unaffected\", \"version\": \"VEV10294\"}, {\"status\": \"unaffected\", \"version\": \"VCV10394\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://https://www.solidigm.com/support-page/support-security.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eImproper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"General Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\", \"shortName\": \"Solidigm\", \"dateUpdated\": \"2024-12-11T19:11:54.542Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-47968\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-11T19:11:54.542Z\", \"dateReserved\": \"2024-10-07T18:03:19.840Z\", \"assignerOrgId\": \"f946a70c-00eb-42ce-8e9b-634d1f7b5a6f\", \"datePublished\": \"2024-10-07T21:19:38.965Z\", \"assignerShortName\": \"Solidigm\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…