Lucene search

[email protected]CVE-2019-16649

HistorySep 21, 2019 - 2:15 a.m.

CVE-2019-16649

2019-09-2102:15:11

CWE-326

CWE-287

CWE-522

[email protected]

web.nvd.nist.gov

360

supermicro

virtual media

vulnerability

encryption

authentication

bmc

nvd

cve-2019-16649

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC.

Affected configurations

NVD

Node

supermicrox11dai-nMatch-

AND

supermicrox11dai-n_firmwareMatch1.71.5

Node

supermicrox11dacMatch-

AND

supermicrox11dac_firmwareMatch1.71.5

Node

supermicrox11dph-tqMatch-

AND

supermicrox11dph-tq_firmwareMatch1.71.5

Node

supermicrox11dph-iMatch-

AND

supermicrox11dph-i_firmwareMatch1.71.5

Node

supermicrox11dph-tMatch-

AND

supermicrox11dph-t_firmwareMatch1.71.5

Node

supermicrox11dps-reMatch-

AND

supermicrox11dps-re_firmwareMatch1.71.5

Node

supermicrox11dsf-eMatch-

AND

supermicrox11dsf-e_firmwareMatch1.71.5

Node

supermicrox11dsn-tsMatch-

AND

supermicrox11dsn-ts_firmwareMatch1.71.5

Node

supermicrox11dsn-tsq_firmwareMatch1.71.5

AND

supermicrox11dsn-tsqMatch-

Node

supermicrox11dsc\+_firmwareMatch1.74

AND

supermicrox11dsc\+Match-

Node

supermicrox11ddw-nt_firmwareMatch1.71.5

AND

supermicrox11ddw-ntMatch-

Node

supermicrox11ddw-l_firmwareMatch1.71.5

AND

supermicrox11ddw-lMatch-

Node

supermicrox11dgq_firmwareMatch1.71.5

AND

supermicrox11dgqMatch-

Node

supermicrox11dpff-sn_firmwareMatch1.71.5

AND

supermicrox11dpff-snMatch-

Node

supermicrox11dpfr-sn_firmwareMatch1.71.5

AND

supermicrox11dpfr-snMatch-

Node

supermicrox11dpfr-s_firmwareMatch1.71.5

AND

supermicrox11dpfr-sMatch-

Node

supermicrox11dpt-ps_firmwareMatch1.71.5

AND

supermicrox11dpt-psMatch-

Node

supermicrox11dpt-b_firmwareMatch1.71.5

AND

supermicrox11dpt-bMatch-

Node

supermicrox11dpt-bh_firmwareMatch1.71.5

AND

supermicrox11dpt-bhMatch-

Node

supermicrox11dpt-l_firmwareMatch3.74

AND

supermicrox11dpt-lMatch-

Node

supermicrox11dpu_firmwareMatch1.71.5

AND

supermicrox11dpuMatch-

Node

supermicrox11dpu-v_firmwareMatch1.71.5

AND

supermicrox11dpu-vMatch-

Node

supermicrox11dpu-x_firmwareMatch1.71.5

AND

supermicrox11dpu-xMatch-

Node

supermicrox11dpu-xll_firmwareMatch1.71.5

AND

supermicrox11dpu-xllMatch-

Node

supermicrox11dpu-z\+_firmwareMatch1.71.5

AND

supermicrox11dpu-z\+Match-

Node

supermicrox11dpu-ze\+_firmwareMatch1.71.5

AND

supermicrox11dpu-ze\+Match-

Node

supermicrox11dpg-sn_firmwareMatch1.71.5

AND

supermicrox11dpg-snMatch-

Node

supermicrox11dpg-qt_firmwareMatch1.71.5

AND

supermicrox11dpg-qtMatch-

Node

supermicrox11dpg-ot-cpu_firmwareMatch1.71.5

AND

supermicrox11dpg-ot-cpuMatch-

Node

supermicrox11dpi-nt_firmwareMatch1.71.5

AND

supermicrox11dpi-ntMatch-

Node

supermicrox11dpi-n_firmwareMatch1.71.5

AND

supermicrox11dpi-nMatch-

Node

supermicrox11dpl-i_firmwareMatch1.71.5

AND

supermicrox11dpl-iMatch-

Node

supermicrox11dpx-t_firmwareMatch1.71.5

AND

supermicrox11dpx-tMatch-

Node

supermicrox11dgo-t_firmwareMatch1.71.5

AND

supermicrox11dgo-tMatch-

Node

supermicrox11sca_firmwareMatch1.71.5

AND

supermicrox11scaMatch-

Node

supermicrox11sca-f_firmwareMatch1.71.5

AND

supermicrox11sca-fMatch-

Node

supermicrox11sch-f_firmwareMatch1.23.2

AND

supermicrox11sch-fMatch-

Node

supermicrox11sch-ln4f_firmwareMatch1.23.2

AND

supermicrox11sch-ln4fMatch-

Node

supermicrox11sca-w_firmwareMatch1.71.5

AND

supermicrox11sca-wMatch-

Node

supermicrox11scl-f_firmwareMatch1.23.2

AND

supermicrox11scl-fMatch-

Node

supermicrox11scl-ln4f_firmwareMatch1.23.2

AND

supermicrox11scl-ln4fMatch-

Node

supermicrox11scl-if_firmwareMatch1.23.2

AND

supermicrox11scl-ifMatch-

Node

supermicrox11scm-f_firmwareMatch1.23.2

AND

supermicrox11scm-fMatch-

Node

supermicrox11scm-ln8f_firmwareMatch1.23.2

AND

supermicrox11scm-ln8fMatch-

Node

supermicrox11scw-f_firmwareMatch3.75.00

AND

supermicrox11scw-fMatch-

Node

supermicrox11spa-t_firmwareMatch1.71.5

AND

supermicrox11spa-tMatch-

Node

supermicrox11spa-tf_firmwareMatch1.71.5

AND

supermicrox11spa-tfMatch-

Node

supermicrox11spi-tf_firmwareMatch1.71.6

AND

supermicrox11spi-tfMatch-

Node

supermicrox11spl-f_firmwareMatch1.71.6

AND

supermicrox11spl-fMatch-

Node

supermicrox11spm-f_firmwareMatch1.71.6

AND

supermicrox11spm-fMatch-

Node

supermicrox11spm-tf_firmwareMatch1.71.6

AND

supermicrox11spm-tfMatch-

Node

supermicrox11spm-tpf_firmwareMatch1.71.6

AND

supermicrox11spm-tpfMatch-

Node

supermicrox11sph-nctf_firmwareMatch1.71.6

AND

supermicrox11sph-nctfMatch-

Node

supermicrox11sph-nctpf_firmwareMatch1.71.6

AND

supermicrox11sph-nctpfMatch-

Node

supermicrox11spw-tf_firmwareMatch1.71.6

AND

supermicrox11spw-tfMatch-

Node

supermicrox11spw-ctf_firmwareMatch1.71.6

AND

supermicrox11spw-ctfMatch-

Node

supermicrox11spg-tf_firmwareMatch1.71.6

AND

supermicrox11spg-tfMatch-

Node

supermicrox11sri-if_firmwareMatch3.75.00

AND

supermicrox11sri-ifMatch-

Node

supermicrox11srl-f_firmwareMatch3.74.2

AND

supermicrox11srl-fMatch-

Node

supermicrox11srm-f_firmwareMatch1.31.1

AND

supermicrox11srm-fMatch-

Node

supermicrox11srm-vf_firmwareMatch1.31.1

AND

supermicrox11srm-vfMatch-

Node

supermicrox11ssl-f_firmwareMatch1.56

AND

supermicrox11ssl-fMatch-

Node

supermicrox11ssm-f_firmwareMatch1.56

AND

supermicrox11ssm-fMatch-

Node

supermicrox11ssl_firmwareMatch1.56

AND

supermicrox11sslMatch-

Node

supermicrox11ssm_firmwareMatch1.56

AND

supermicrox11ssmMatch-

Node

supermicrox11ssh-f_firmwareMatch1.56

AND

supermicrox11ssh-fMatch-

Node

supermicrox11ssh-ln4f_firmwareMatch1.56

AND

supermicrox11ssh-ln4fMatch-

Node

supermicrox11ssw-4tf_firmwareMatch1.56

AND

supermicrox11ssw-4tfMatch-

Node

supermicrox11ssw-tf_firmwareMatch1.56

AND

supermicrox11ssw-tfMatch-

Node

supermicrox11ssw-f_firmwareMatch1.71.5

AND

supermicrox11ssw-fMatch-

Node

supermicrox11ssi-ln4f_firmwareMatch1.71.5

AND

supermicrox11ssi-ln4fMatch-

Node

supermicrox11ssw-f_firmwareMatch3.85.00

AND

supermicrox11ssw-fMatch-

Node

supermicrox11ssh-tf_firmwareMatch1.56

AND

supermicrox11ssh-tfMatch-

Node

supermicrox11ssh-ctf_firmwareMatch1.56

AND

supermicrox11ssh-ctfMatch-

Node

supermicrox11ssl-cf_firmwareMatch1.56

AND

supermicrox11ssl-cfMatch-

Node

supermicrox11ssl-nf_firmwareMatch1.56

AND

supermicrox11ssl-nfMatch-

Node

supermicrox11ssh-gf-1585_firmwareMatch1.56

AND

supermicrox11ssh-gf-1585Match-

Node

supermicrox11ssh-gf-1585l_firmwareMatch1.56

AND

supermicrox11ssh-gf-1585lMatch-

Node

supermicrox11ssh-gtf-1585_firmwareMatch1.56

AND

supermicrox11ssh-gtf-1585Match-

Node

supermicrox11ssh-gtf-1585l_firmwareMatch1.56

AND

supermicrox11ssh-gtf-1585lMatch-

Node

supermicrob11dpt_firmwareMatch3.68

AND

supermicrob11dptMatch-

Node

supermicrob11dpe_firmwareMatch3.68

AND

supermicrob11dpeMatch-

Node

supermicrob11spe-cpu-tf_firmwareMatch3.68

AND

supermicrob11spe-cpu-tfMatch-

Node

supermicrob11spe-cpu-25g_firmwareMatch3.68

AND

supermicrob11spe-cpu-25gMatch-

Node

supermicrob11qpi_firmwareMatch3.68

AND

supermicrob11qpiMatch-

Node

supermicrox11ssd-f_firmwareMatch3.68

AND

supermicrox11ssd-fMatch-

Node

supermicrox11sse-f_firmwareMatch3.68

AND

supermicrox11sse-fMatch-

Node

supermicrob2ss1-cpu_firmwareMatch3.68

AND

supermicrob2ss1-cpuMatch-

Node

supermicrob2ss1-cf_firmwareMatch3.68

AND

supermicrob2ss1-cfMatch-

Node

supermicrob2ss1-f_firmwareMatch3.68

AND

supermicrob2ss1-fMatch-

Node

supermicrob2ss2-f_firmwareMatch3.68

AND

supermicrob2ss2-fMatch-

Node

supermicrob2ss1-mtf_firmwareMatch3.68

AND

supermicrob2ss1-mtfMatch-

Node

supermicrob2ss1-h-mtf_firmwareMatch3.68

AND

supermicrob2ss1-h-mtfMatch-

Node

supermicrob2ss2-mtf_firmwareMatch3.68

AND

supermicrob2ss2-mtfMatch-

Node

supermicrob2ss2-h-mtf_firmwareMatch3.68

AND

supermicrob2ss2-h-mtfMatch-

Node

supermicrox11scd-f_firmwareMatch3.68

AND

supermicrox11scd-fMatch-

Node

supermicrox11sdd-8c-f_firmwareMatch3.68

AND

supermicrox11sdd-8c-fMatch-

Node

supermicrox11sdd-18c-f_firmwareMatch3.68

AND

supermicrox11sdd-18c-fMatch-

Node

supermicrox11qph\+_firmwareMatch1.71.5

AND

supermicrox11qph\+Match-

Node

supermicrox11opi-cpu_firmwareMatch1.71.5

AND

supermicrox11opi-cpuMatch-

Node

supermicrox11sds-8c_firmwareMatch3.74.2

AND

supermicrox11sds-8cMatch-

Node

supermicrox11sds-12c_firmwareMatch3.74.2

AND

supermicrox11sds-12cMatch-

Node

supermicrox11sds-16c_firmwareMatch3.74.2

AND

supermicrox11sds-16cMatch-

Node

supermicrox10ddw-i_firmwareMatch3.83

AND

supermicrox10ddw-iMatch-

Node

supermicrox10ddw-in_firmwareMatch3.83

AND

supermicrox10ddw-inMatch-

Node

supermicrox10drs_firmwareMatch3.83

AND

supermicrox10drsMatch-

Node

supermicrox10drd-i_firmwareMatch3.83

AND

supermicrox10drd-iMatch-

Node

supermicrox10drd-it_firmwareMatch3.83

AND

supermicrox10drd-itMatch-

Node

supermicrox10drd-int_firmwareMatch3.83

AND

supermicrox10drd-intMatch-

Node

supermicrox10drd-intp_firmwareMatch3.83

AND

supermicrox10drd-intpMatch-

Node

supermicrox10drd-itp_firmwareMatch3.83

AND

supermicrox10drd-itpMatch-

Node

supermicrox10drd-l_firmwareMatch3.83

AND

supermicrox10drd-lMatch-

Node

supermicrox10drd-lt_firmwareMatch3.83

AND

supermicrox10drd-ltMatch-

Node

supermicrox10drd-ltp_firmwareMatch3.83

AND

supermicrox10drd-ltpMatch-

Node

supermicrox10drx_firmwareMatch3.83

AND

supermicrox10drxMatch-

Node

supermicrox10drh-c_firmwareMatch3.83

AND

supermicrox10drh-cMatch-

Node

supermicrox10drh-ct_firmwareMatch3.83

AND

supermicrox10drh-ctMatch-

Node

supermicrox10drh-cln4_firmwareMatch3.83

AND

supermicrox10drh-cln4Match-

Node

supermicrox10drh-i_firmwareMatch3.83

AND

supermicrox10drh-iMatch-

Node

supermicrox10drh-it_firmwareMatch3.83

AND

supermicrox10drh-itMatch-

Node

supermicrox10drh-iln4_firmwareMatch3.83

AND

supermicrox10drh-iln4Match-

Node

supermicrox10dri_firmwareMatch3.83

AND

supermicrox10driMatch-

Node

supermicrox10dri-t_firmwareMatch3.83

AND

supermicrox10dri-tMatch-

Node

supermicrox10drc-ln4\+_firmwareMatch3.83

AND

supermicrox10drc-ln4\+Match-

Node

supermicrox10drc-t4\+_firmwareMatch3.83

AND

supermicrox10drc-t4\+Match-

Node

supermicrox10dri-ln4\+_firmwareMatch3.83

AND

supermicrox10dri-ln4\+Match-

Node

supermicrox10dri-t4\+_firmwareMatch3.83

AND

supermicrox10dri-t4\+Match-

Node

supermicrox10drl-ln4_firmwareMatch3.83

AND

supermicrox10drl-ln4Match-

Node

supermicrox10drl-i_firmwareMatch3.83

AND

supermicrox10drl-iMatch-

Node

supermicrox10drl-it_firmwareMatch3.83

AND

supermicrox10drl-itMatch-

Node

supermicrox10drl-c_firmwareMatch3.83

AND

supermicrox10drl-cMatch-

Node

supermicrox10drl-ct_firmwareMatch3.83

AND

supermicrox10drl-ctMatch-

Node

supermicrox10drt-l_firmwareMatch3.83

AND

supermicrox10drt-lMatch-

Node

supermicrox10drt-libq_firmwareMatch3.83

AND

supermicrox10drt-libqMatch-

Node

supermicrox10drt-libf_firmwareMatch3.83

AND

supermicrox10drt-libfMatch-

Node

supermicrox10drt-b\+_firmwareMatch3.83

AND

supermicrox10drt-b\+Match-

Node

supermicrox10drt-h_firmwareMatch3.83

AND

supermicrox10drt-hMatch-

Node

supermicrox10drt-hibf_firmwareMatch3.83

AND

supermicrox10drt-hibfMatch-

Node

supermicrox10drt-ps_firmwareMatch3.83

AND

supermicrox10drt-psMatch-

Node

supermicrox10drt-p_firmwareMatch3.83

AND

supermicrox10drt-pMatch-

Node

supermicrox10drt-pt_firmwareMatch3.83

AND

supermicrox10drt-ptMatch-

Node

supermicrox10drt-pibq_firmwareMatch3.83

AND

supermicrox10drt-pibqMatch-

Node

supermicrox10drt-pibf_firmwareMatch3.83

AND

supermicrox10drt-pibfMatch-

Node

supermicrox10drfr-n_firmwareMatch3.83

AND

supermicrox10drfr-nMatch-

Node

supermicrox10drfr-nt_firmwareMatch3.83

AND

supermicrox10drfr-ntMatch-

Node

supermicrox10drfr_firmwareMatch3.83

AND

supermicrox10drfrMatch-

Node

supermicrox10drfr-t_firmwareMatch3.83

AND

supermicrox10drfr-tMatch-

Node

supermicrox10drff-cg_firmwareMatch3.83

AND

supermicrox10drff-cgMatch-

Node

supermicrox10drff-ctg_firmwareMatch3.83

AND

supermicrox10drff-ctgMatch-

Node

supermicrox10drff-ig_firmwareMatch3.83

AND

supermicrox10drff-igMatch-

Node

supermicrox10drff-itg_firmwareMatch3.83

AND

supermicrox10drff-itgMatch-

Node

supermicrox10drff_firmwareMatch3.83

AND

supermicrox10drffMatch-

Node

supermicrox10drff-c_firmwareMatch3.83

AND

supermicrox10drff-cMatch-

Node

supermicrox10drw-n_firmwareMatch3.83

AND

supermicrox10drw-nMatch-

Node

supermicrox10drw-nt_firmwareMatch3.83

AND

supermicrox10drw-ntMatch-

Node

supermicrox10drw-e_firmwareMatch3.83

AND

supermicrox10drw-eMatch-

Node

supermicrox10drw-et_firmwareMatch3.83

AND

supermicrox10drw-etMatch-

Node

supermicrox10drw-i_firmwareMatch3.83

AND

supermicrox10drw-iMatch-

Node

supermicrox10drw-it_firmwareMatch3.83

AND

supermicrox10drw-itMatch-

Node

supermicrox10dsn-ts_firmwareMatch3.83

AND

supermicrox10dsn-tsMatch-

Node

supermicrox10drg-ot\+-cpu_firmwareMatch3.83

AND

supermicrox10drg-ot\+-cpuMatch-

Node

supermicrox10drg-o\+-cpu_firmwareMatch3.83

AND

supermicrox10drg-o\+-cpuMatch-

Node

supermicrox10dgo-t_firmwareMatch3.83

AND

supermicrox10dgo-tMatch-

Node

supermicrox10dgq_firmwareMatch3.83

AND

supermicrox10dgqMatch-

Node

supermicrox10drg-q_firmwareMatch3.83

AND

supermicrox10drg-qMatch-

Node

supermicrox10drg-h_firmwareMatch3.83

AND

supermicrox10drg-hMatch-

Node

supermicrox10drg-ht_firmwareMatch3.83

AND

supermicrox10drg-htMatch-

Node

supermicrox10dru-i\+_firmwareMatch3.83

AND

supermicrox10dru-i\+Match-

Node

supermicrox10dru-x_firmwareMatch3.83

AND

supermicrox10dru-xMatch-

Node

supermicrox10dru-xll_firmwareMatch3.83

AND

supermicrox10dru-xllMatch-

Node

supermicrox10dsc\+_firmwareMatch3.83

AND

supermicrox10dsc\+Match-

Node

supermicrox10sra-f_firmwareMatch3.83

AND

supermicrox10sra-fMatch-

Node

supermicrox10sra_firmwareMatch3.83

AND

supermicrox10sraMatch-

Node

supermicrox10srd-f_firmwareMatch3.83

AND

supermicrox10srd-fMatch-

Node

supermicrox10srm-f_firmwareMatch3.83

AND

supermicrox10srm-fMatch-

Node

supermicrox10srm-tf_firmwareMatch3.83

AND

supermicrox10srm-tfMatch-

Node

supermicrox10srl-f_firmwareMatch3.83

AND

supermicrox10srl-fMatch-

Node

supermicrox10sri-f_firmwareMatch3.83

AND

supermicrox10sri-fMatch-

Node

supermicrox10srh-cf_firmwareMatch3.83

AND

supermicrox10srh-cfMatch-

Node

supermicrox10srh-cln4f_firmwareMatch3.83

AND

supermicrox10srh-cln4fMatch-

Node

supermicrox10srg-f_firmwareMatch3.83

AND

supermicrox10srg-fMatch-

Node

supermicrox10srl-f_firmwareMatch3.83

AND

supermicrox10srl-fMatch-

Node

supermicrox10srw-f_firmwareMatch3.83

AND

supermicrox10srw-fMatch-

Node

supermicrox10sae_firmwareMatch3.83

AND

supermicrox10saeMatch-

Node

supermicrox10sat_firmwareMatch3.83

AND

supermicrox10satMatch-

Node

supermicrox10slx-f_firmwareMatch3.83

AND

supermicrox10slx-fMatch-

Node

supermicrox10sld-f_firmwareMatch3.83

AND

supermicrox10sld-fMatch-

Node

supermicrox10sld-hf_firmwareMatch3.83

AND

supermicrox10sld-hfMatch-

Node

supermicrox10sle-f_firmwareMatch3.83

AND

supermicrox10sle-fMatch-

Node

supermicrox10sle-hf_firmwareMatch3.83

AND

supermicrox10sle-hfMatch-

Node

supermicrox10sle-df_firmwareMatch3.83

AND

supermicrox10sle-dfMatch-

Node

supermicrox10sl7-f_firmwareMatch3.83

AND

supermicrox10sl7-fMatch-

Node

supermicrox10sla-f_firmwareMatch3.83

AND

supermicrox10sla-fMatch-

Node

supermicrox10slh-f_firmwareMatch3.83

AND

supermicrox10slh-fMatch-

Node

supermicrox10sll\+-f_firmwareMatch3.83

AND

supermicrox10sll\+-fMatch-

Node

supermicrox10sll-f_firmwareMatch3.83

AND

supermicrox10sll-fMatch-

Node

supermicrox10sll-sf_firmwareMatch3.83

AND

supermicrox10sll-sfMatch-

Node

supermicrox10sll-s_firmwareMatch3.83

AND

supermicrox10sll-sMatch-

Node

supermicrox10slm-f_firmwareMatch3.83

AND

supermicrox10slm-fMatch-

Node

supermicrox10slm\+-f_firmwareMatch3.83

AND

supermicrox10slm\+-fMatch-

Node

supermicrox10slm\+-ln4f_firmwareMatch3.83

AND

supermicrox10slm\+-ln4fMatch-

Node

supermicrox10sde-df_firmwareMatch3.68

AND

supermicrox10sde-dfMatch-

Node

supermicrox10sdd-16c-f_firmwareMatch3.68

AND

supermicrox10sdd-16c-fMatch-

Node

supermicrox10sdd-f_firmwareMatch3.68

AND

supermicrox10sdd-fMatch-

Node

supermicrob1sd1-16c-tf_firmwareMatch3.68

AND

supermicrob1sd1-16c-tfMatch-

Node

supermicrob1sd1-tf_firmwareMatch3.68

AND

supermicrob1sd1-tfMatch-

Node

supermicrob1sd2-16c-tf_firmwareMatch3.68

AND

supermicrob1sd2-16c-tfMatch-

Node

supermicrob1sd2-tf_firmwareMatch3.68

AND

supermicrob1sd2-tfMatch-

Node

supermicrob10drc_firmwareMatch3.68

AND

supermicrob10drcMatch-

Node

supermicrob10drc-n_firmwareMatch3.68

AND

supermicrob10drc-nMatch-

Node

supermicrob10dri_firmwareMatch3.68

AND

supermicrob10driMatch-

Node

supermicrob10dri-n_firmwareMatch3.68

AND

supermicrob10dri-nMatch-

Node

supermicrob10drg-ibf_firmwareMatch3.68

AND

supermicrob10drg-ibfMatch-

Node

supermicrob10drg-ibf2_firmwareMatch3.68

AND

supermicrob10drg-ibf2Match-

Node

supermicrob10drg-tp_firmwareMatch3.68

AND

supermicrob10drg-tpMatch-

Node

supermicrob10drt_firmwareMatch3.68

AND

supermicrob10drtMatch-

Node

supermicrob10drt-ibf_firmwareMatch3.68

AND

supermicrob10drt-ibfMatch-

Node

supermicrob10drt-ibf2_firmwareMatch3.68

AND

supermicrob10drt-ibf2Match-

Node

supermicrob10drt-tp_firmwareMatch3.68

AND

supermicrob10drt-tpMatch-

Node

supermicrox10qrh\+_firmwareMatch3.80

AND

supermicrox10qrh\+Match-

Node

supermicrox10qbl-4_firmwareMatch3.80

AND

supermicrox10qbl-4Match-

Node

supermicrox10qbl-4ct_firmwareMatch3.80

AND

supermicrox10qbl-4ctMatch-

Node

supermicrox10qbl_firmwareMatch3.80

AND

supermicrox10qblMatch-

Node

supermicrox10qbl-ct_firmwareMatch3.80

AND

supermicrox10qbl-ctMatch-

Node

supermicrox10qbi_firmwareMatch3.81

AND

supermicrox10qbiMatch-

Node

supermicrox10obi-cpu_firmwareMatch3.83

AND

supermicrox10obi-cpuMatch-

Node

supermicrox10dbt-t_firmwareMatch3.83

AND

supermicrox10dbt-tMatch-

Node

supermicrox10sdv-7tp8f_firmwareMatch3.83

AND

supermicrox10sdv-7tp8fMatch-

Node

supermicrox10sdv-7tp4f_firmwareMatch3.83

AND

supermicrox10sdv-7tp4fMatch-

Node

supermicrox10sdv-2c-7tp4f_firmwareMatch3.83

AND

supermicrox10sdv-2c-7tp4fMatch-

Node

supermicrox10sdv-4c-7tp4f_firmwareMatch3.83

AND

supermicrox10sdv-4c-7tp4fMatch-

Node

supermicrox10sdv-2c-tp4f_firmwareMatch3.83

AND

supermicrox10sdv-2c-tp4fMatch-

Node

supermicrox10sdv-4c\+-tp4f_firmwareMatch3.83

AND

supermicrox10sdv-4c\+-tp4fMatch-

Node

supermicrox10sdv-2c-tp8f_firmwareMatch3.83

AND

supermicrox10sdv-2c-tp8fMatch-

Node

supermicrox10sdv-tp8f_firmwareMatch3.83

AND

supermicrox10sdv-tp8fMatch-

Node

supermicrox10sdv-f_firmwareMatch3.83

AND

supermicrox10sdv-fMatch-

Node

supermicrox10sdv-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-tln4fMatch-

Node

supermicrox10sdv-8c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-8c-tln4fMatch-

Node

supermicrox10sdv-6c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-6c-tln4fMatch-

Node

supermicrox10sdv-2c-tln2f_firmwareMatch3.83

AND

supermicrox10sdv-2c-tln2fMatch-

Node

supermicrox10sdv-4c-tln2f_firmwareMatch3.83

AND

supermicrox10sdv-4c-tln2fMatch-

Node

supermicrox10sdv-4c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-4c-tln4fMatch-

Node

supermicrox10sdv-4c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-4c\+-tln4fMatch-

Node

supermicrox10sdv-6c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-6c\+-tln4fMatch-

Node

supermicrox10sdv-8c-tln4f\+_firmwareMatch3.83

AND

supermicrox10sdv-8c-tln4f\+Match-

Node

supermicrox10sdv-8c\+-ln2f_firmwareMatch3.83

AND

supermicrox10sdv-8c\+-ln2fMatch-

Node

supermicrox10sdv-12c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-12c-tln4fMatch-

Node

supermicrox10sdv-12c-tln4f\+_firmwareMatch3.83

AND

supermicrox10sdv-12c-tln4f\+Match-

Node

supermicrox10sdv-12c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-12c\+-tln4fMatch-

Node

supermicrox10sdv-16c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-16c\+-tln4fMatch-

Node

supermicrox10sdv-16c-tln4f\+_firmwareMatch3.83

AND

supermicrox10sdv-16c-tln4f\+Match-

Node

supermicrox10sdv-16c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-16c-tln4fMatch-

Node

supermicroa1srm-ln7f-2358_firmwareMatch3.83

AND

supermicroa1srm-ln7f-2358Match-

Node

supermicroa1srm-ln7f-2758_firmwareMatch3.83

AND

supermicroa1srm-ln7f-2758Match-

Node

supermicroa1srm-ln5f-2358_firmwareMatch3.83

AND

supermicroa1srm-ln5f-2358Match-

Node

supermicroa1sa2-2750f_firmwareMatch3.83

AND

supermicroa1sa2-2750fMatch-

Node

supermicroa1sam-2750f_firmwareMatch3.83

AND

supermicroa1sam-2750fMatch-

Node

supermicroa1sam-2550f_firmwareMatch3.83

AND

supermicroa1sam-2550fMatch-

Node

supermicroa1srm-2758f_firmwareMatch3.83

AND

supermicroa1srm-2758fMatch-

Node

supermicroa1srm-2558f_firmwareMatch3.83

AND

supermicroa1srm-2558fMatch-

Node

supermicroa1sai-2750f_firmwareMatch3.83

AND

supermicroa1sai-2750fMatch-

Node

supermicroa1sai-2550f_firmwareMatch3.83

AND

supermicroa1sai-2550fMatch-

Node

supermicroa1sri-2758f_firmwareMatch3.83

AND

supermicroa1sri-2758fMatch-

Node

supermicroa1sri-2558f_firmwareMatch3.83

AND

supermicroa1sri-2558fMatch-

Node

supermicroa1sri-2358fMatch-

AND

supermicroa1sri-2358f_firmwareMatch3.83

Node

supermicrom11sdv-8c\+-ln4fMatch-

AND

supermicrom11sdv-8c\+-ln4f_firmwareMatch3.15

Node

supermicrom11sdv-8c-ln4fMatch-

AND

supermicrom11sdv-8c-ln4f_firmwareMatch3.15

Node

supermicrom11sdv-8ct-ln4fMatch-

AND

supermicrom11sdv-8ct-ln4f_firmwareMatch3.15

Node

supermicrom11sdv-4c-ln4fMatch-

AND

supermicrom11sdv-4c-ln4f_firmwareMatch3.15

Node

supermicrom11sdv-4ct-ln4fMatch-

AND

supermicrom11sdv-4ct-ln4f_firmwareMatch3.15

Node

supermicrox9drg-h\(t\)fMatch-

AND

supermicrox9drg-h\(t\)f_firmwareMatch3.3

Node

supermicrox9drh-7\/i\(t\)fMatch-

AND

supermicrox9drh-7\/i\(t\)f_firmwareMatch3.3

Node

supermicrox9dr3\/i-f_firmwareMatch3.3

AND

supermicrox9dr3\/i-fMatch-

Node

supermicrox9drt-h_series_firmwareMatch3.3

AND

supermicrox9drt-h_seriesMatch-

Node

supermicrox9drt_series_firmwareMatch3.3

AND

supermicrox9drt_seriesMatch-

Node

supermicrox9dr3\/i-ln4f\+_firmwareMatch3.3

AND

supermicrox9dr3\/i-ln4f\+Match-

Node

supermicrox9drd-7ln4f_series_firmwareMatch3.3

AND

supermicrox9drd-7ln4f_seriesMatch-

Node

supermicrox9drd-ef_firmwareMatch3.3

AND

supermicrox9drd-efMatch-

Node

supermicrox9drl-3\/if_firmwareMatch3.3

AND

supermicrox9drl-3\/ifMatch-

Node

supermicrox9drw-3ln4f\+\/3tf\+_firmwareMatch3.3

AND

supermicrox9drw-3ln4f\+\/3tf\+Match-

Node

supermicrox9drw-3\/if_firmwareMatch3.3

AND

supermicrox9drw-3\/ifMatch-

Node

supermicrox9drw-7\/itpf\+_firmwareMatch3.3

AND

supermicrox9drw-7\/itpf\+Match-

Node

supermicrox9dbl-3\/i\(f\)_firmwareMatch3.3

AND

supermicrox9dbl-3\/i\(f\)Match-

Node

supermicrox9da7\/e_firmwareMatch3.3

AND

supermicrox9da7\/eMatch-

Node

supermicrox9dai_firmwareMatch3.3

AND

supermicrox9daiMatch-

Node

supermicrox9db3\/i-\(tp\)f_firmwareMatch3.3

AND

supermicrox9db3\/i-\(tp\)fMatch-

Node

supermicrox9dbs-f\(-2u\)_firmwareMatch3.3

AND

supermicrox9dbs-f\(-2u\)Match-

Node

supermicrox9dbu-3\/if_firmwareMatch3.3

AND

supermicrox9dbu-3\/ifMatch-

Node

supermicrox9dr7\/e-ln4f_firmwareMatch3.3

AND

supermicrox9dr7\/e-ln4fMatch-

Node

supermicrox9dr7\/e-tf\+_firmwareMatch3.3

AND

supermicrox9dr7\/e-tf\+Match-

Node

supermicrox9dr7-jln4f_firmwareMatch3.3

AND

supermicrox9dr7-jln4fMatch-

Node

supermicrox9drd-l\/if_firmwareMatch3.3

AND

supermicrox9drd-l\/ifMatch-

Node

supermicrox9drd-it\+_firmwareMatch3.3

AND

supermicrox9drd-it\+Match-

Node

supermicrox9drd-c\(n\)t\+_firmwareMatch3.3

AND

supermicrox9drd-c\(n\)t\+Match-

Node

supermicrox9drfr_firmwareMatch3.3

AND

supermicrox9drfrMatch-

Node

supermicrox9drff\(-7\)_firmwareMatch3.3

AND

supermicrox9drff\(-7\)Match-

Node

supermicrox9drff-7\/i\(t\)\+_firmwareMatch3.3

AND

supermicrox9drff-7\/i\(t\)\+Match-

Node

supermicrox9drff-7\/i\(t\)g\+_firmwareMatch3.3

AND

supermicrox9drff-7\/i\(t\)g\+Match-

Node

supermicrox9drg-h\(t\)f\+_firmwareMatch3.3

AND

supermicrox9drg-h\(t\)f\+Match-

Node

supermicrox9drg-h\(t\)f\+ii_firmwareMatch3.3

AND

supermicrox9drg-h\(t\)f\+iiMatch-

Node

supermicrox9drg-qf_firmwareMatch3.3

AND

supermicrox9drg-qfMatch-

Node

supermicrox9drg-o\(t\)f-cpu_firmwareMatch3.3

AND

supermicrox9drg-o\(t\)f-cpuMatch-

Node

supermicrox9drl-7\/ef_firmwareMatch3.3

AND

supermicrox9drl-7\/efMatch-

Node

supermicrox9drt-p_series_firmwareMatch3.3

AND

supermicrox9drt-p_seriesMatch-

Node

supermicrox9drt-hf\+_firmwareMatch3.3

AND

supermicrox9drt-hf\+Match-

Node

supermicrox9drw-c\(t\)f31_firmwareMatch3.3

AND

supermicrox9drw-c\(t\)f31Match-

Node

supermicrox9drw-7\/itpf_firmwareMatch3.3

AND

supermicrox9drw-7\/itpfMatch-

Node

supermicrox9drh-if-nv_firmwareMatch3.3

AND

supermicrox9drh-if-nvMatch-

Node

supermicrox9drx\+-f_firmwareMatch3.3

AND

supermicrox9drx\+-fMatch-

Node

supermicrox9dax-7\/i\(t\)f_firmwareMatch3.3

AND

supermicrox9dax-7\/i\(t\)fMatch-

Node

supermicrox9dax-7\/if-hft_firmwareMatch3.3

AND

supermicrox9dax-7\/if-hftMatch-

Node

supermicrox9dal-3\/i_firmwareMatch3.3

AND

supermicrox9dal-3\/iMatch-

Node

supermicrox9sre\/i_series_firmwareMatch3.3

AND

supermicrox9sre\/i_seriesMatch-

Node

supermicrox9srh-7\(t\)f_firmwareMatch3.3

AND

supermicrox9srh-7\(t\)fMatch-

Node

supermicrox9srd-f_firmwareMatch3.3

AND

supermicrox9srd-fMatch-

Node

supermicrox9srw-f_firmwareMatch3.3

AND

supermicrox9srw-fMatch-

Node

supermicrox9srg-f_firmwareMatch3.3

AND

supermicrox9srg-fMatch-

Node

supermicrox9srl\(-f\)_firmwareMatch3.3

AND

supermicrox9srl\(-f\)Match-

Node

supermicrox9sra_firmwareMatch3.3

AND

supermicrox9sraMatch-

Node

supermicrox9sae\(-v\)_firmwareMatch2.3

AND

supermicrox9sae\(-v\)Match-

Node

supermicrox9scl\+-f_firmwareMatch2.3

AND

supermicrox9scl\+-fMatch-

Node

supermicrox9scl\(-f\)_firmwareMatch2.3

AND

supermicrox9scl\(-f\)Match-

Node

supermicrox9scm\(-f\)_firmwareMatch2.3

AND

supermicrox9scm\(-f\)Match-

Node

supermicrox9scd_series_firmwareMatch2.3

AND

supermicrox9scd_seriesMatch-

Node

supermicrox9sca\(-f\)_firmwareMatch2.3

AND

supermicrox9sca\(-f\)Match-

Node

supermicrox9sci-ln4\(f\)_firmwareMatch2.3

AND

supermicrox9sci-ln4\(f\)Match-

Node

supermicrox9qri-f_firmwareMatch3.3

AND

supermicrox9qri-fMatch-

Node

supermicrox9qr7-tf_firmwareMatch3.3

AND

supermicrox9qr7-tfMatch-

Node

supermicrox9qri-f\+_firmwareMatch3.3

AND

supermicrox9qri-f\+Match-

Node

supermicrox9qr7-tf\+_firmwareMatch3.3

AND

supermicrox9qr7-tf\+Match-

Node

supermicrob9dri_firmwareMatch3.3

AND

supermicrob9driMatch-

Node

supermicrob9dr7_firmwareMatch3.3

AND

supermicrob9dr7Match-

Node

supermicrob9drp_firmwareMatch3.3

AND

supermicrob9drpMatch-

Node

supermicrob9drg-3m_firmwareMatch3.3

AND

supermicrob9drg-3mMatch-

Node

supermicrob9drg-e_firmwareMatch3.3

AND

supermicrob9drg-eMatch-

Node

supermicrob9drg_firmwareMatch3.3

AND

supermicrob9drgMatch-

Node

supermicrob9drt_firmwareMatch3.3

AND

supermicrob9drtMatch-

Node

supermicrob9qr7\(-tp\)_firmwareMatch3.3

AND

supermicrob9qr7\(-tp\)Match-

CPENameOperatorVersion
supermicro:x11dai-n_firmwaresupermicro x11dai-n firmwareeq1.71.5

CPE	Name	Operator	Version
supermicro:x11dai-n_firmware	supermicro x11dai-n firmware	eq	1.71.5

References

eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/

github.com/eclypsium/USBAnywhere

www.supermicro.com/support/security_BMC_virtual_media.cfm

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

Related for CVE-2019-16649

cvelist1 prion1 nvd1 ibm1