CVE-2024-21935

{"id": "CVE-2024-21935", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.1}]}, "published": "2025-09-23T22:15:33.183", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6016.html", "source": "psirt@amd.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@amd.com", "description": [{"lang": "en", "value": "CWE-241"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish\u00ae API commands to remove files from the local root directory, potentially resulting in data corruption."}], "lastModified": "2025-09-24T18:11:24.520", "sourceIdentifier": "psirt@amd.com"}