CVE-2024-45094 is a medium-severity stored cross-site scripting (XSS) vulnerability identified in IBM's Hardware Management Console (HMC) products, specifically the DS8900F and DS8A00 models. The vulnerability stems from improper neutralization of input during web page generation (CWE-79), allowing a privileged user to inject arbitrary JavaScript code into the HMC's web user interface. Since the HMC is a critical management platform for IBM storage hardware, this vulnerability can be exploited within a trusted session to alter intended functionality. The injected script could potentially lead to credential disclosure or session hijacking, compromising the confidentiality and integrity of the management console. The CVSS 3.1 base score is 5.5, reflecting a medium severity with network attack vector, low attack complexity, and requiring high privileges but no user interaction. The scope is changed, indicating that exploitation could affect components beyond the initially vulnerable module. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability requires a privileged user, which limits the attack surface but still poses a significant risk given the sensitive nature of the HMC environment. The vulnerability highlights the importance of proper input validation and output encoding in web interfaces of critical infrastructure management tools.

For European organizations using IBM DS8900F and DS8A00 HMCs, this vulnerability could lead to unauthorized disclosure of administrative credentials or session tokens, enabling attackers to gain elevated access to storage management functions. This could disrupt data availability indirectly by allowing malicious configuration changes or data manipulation. Confidentiality of sensitive enterprise data managed by these storage systems could be compromised if attackers leverage the XSS to escalate privileges or pivot to other systems. Given that HMCs are often deployed in enterprise data centers and critical infrastructure environments, exploitation could impact business continuity and regulatory compliance, especially under GDPR where data breaches must be reported. The requirement for privileged user access reduces the risk of external exploitation but raises concerns about insider threats or compromised administrative accounts. European organizations with IBM storage hardware in finance, healthcare, government, or critical infrastructure sectors are particularly at risk due to the high value of the managed data and regulatory scrutiny.

1. Restrict and monitor privileged user access to the IBM HMC web interface, enforcing strict access controls and multi-factor authentication to reduce the risk of insider threats or credential compromise. 2. Implement network segmentation and firewall rules to limit HMC web interface exposure to trusted management networks only. 3. Regularly audit HMC user activity logs for suspicious behavior indicative of attempted or successful exploitation of XSS. 4. Apply secure coding best practices by IBM in future HMC firmware updates, including proper input validation and output encoding to neutralize malicious scripts. 5. Until patches are available, consider deploying web application firewalls (WAFs) with custom rules to detect and block suspicious script injection attempts targeting the HMC interface. 6. Educate privileged users on the risks of XSS and safe usage practices to avoid inadvertent execution of malicious scripts. 7. Monitor IBM security advisories closely for patch releases and apply updates promptly once available.