Lucene search

[email protected]CVE-2019-16650

HistorySep 21, 2019 - 2:15 a.m.

CVE-2019-16650

2019-09-2102:15:11

[email protected]

web.nvd.nist.gov

332

supermicro

x10

x11

client access privileges

socket file descriptor

virtual media service

virtual usb devices

bmc

cve-2019-16650

nvd

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

JSON

On Supermicro X10 and X11 products, a client’s access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the server managed by the BMC.

Affected configurations

NVD

Node

supermicrox11dai-n_firmwareMatch1.71.5

AND

supermicrox11dai-nMatch-

Node

supermicrox11dac_firmwareMatch1.71.5

AND

supermicrox11dacMatch-

Node

supermicrox11dph-tq_firmwareMatch1.71.5

AND

supermicrox11dph-tqMatch-

Node

supermicrox11dph-i_firmwareMatch1.71.5

AND

supermicrox11dph-iMatch-

Node

supermicrox11dph-t_firmwareMatch1.71.5

AND

supermicrox11dph-tMatch-

Node

supermicrox11dps-re_firmwareMatch1.71.5

AND

supermicrox11dps-reMatch-

Node

supermicrox11dsf-e_firmwareMatch1.71.5

AND

supermicrox11dsf-eMatch-

Node

supermicrox11dsn-ts_firmwareMatch1.71.5

AND

supermicrox11dsn-tsMatch-

Node

supermicrox11dsn-tsq_firmwareMatch1.71.5

AND

supermicrox11dsn-tsqMatch-

Node

supermicrox11dsc\+_firmwareMatch1.74

AND

supermicrox11dsc\+Match-

Node

supermicrox11ddw-nt_firmwareMatch1.71.5

AND

supermicrox11ddw-ntMatch-

Node

supermicrox11ddw-l_firmwareMatch1.71.5

AND

supermicrox11ddw-lMatch-

Node

supermicrox11dgq_firmwareMatch1.71.5

AND

supermicrox11dgqMatch-

Node

supermicrox11dpff-sn_firmwareMatch1.71.5

AND

supermicrox11dpff-snMatch-

Node

supermicrox11dpfr-sn_firmwareMatch1.71.5

AND

supermicrox11dpfr-snMatch-

Node

supermicrox11dpfr-s_firmwareMatch1.71.5

AND

supermicrox11dpfr-sMatch-

Node

supermicrox11dpt-ps_firmwareMatch1.71.5

AND

supermicrox11dpt-psMatch-

Node

supermicrox11dpt-b_firmwareMatch1.71.5

AND

supermicrox11dpt-bMatch-

Node

supermicrox11dpt-bh_firmwareMatch1.71.5

AND

supermicrox11dpt-bhMatch-

Node

supermicrox11dpt-l_firmwareMatch3.74

AND

supermicrox11dpt-lMatch-

Node

supermicrox11dpu_firmwareMatch1.71.5

AND

supermicrox11dpuMatch-

Node

supermicrox11dpu-v_firmwareMatch1.71.5

AND

supermicrox11dpu-vMatch-

Node

supermicrox11dpu-x_firmwareMatch1.71.5

AND

supermicrox11dpu-xMatch-

Node

supermicrox11dpu-xll_firmwareMatch1.71.5

AND

supermicrox11dpu-xllMatch-

Node

supermicrox11dpu-z\+_firmwareMatch1.71.5

AND

supermicrox11dpu-z\+Match-

Node

supermicrox11dpu-ze\+_firmwareMatch1.71.5

AND

supermicrox11dpu-ze\+Match-

Node

supermicrox11dpg-sn_firmwareMatch1.71.5

AND

supermicrox11dpg-snMatch-

Node

supermicrox11dpg-qt_firmwareMatch1.71.5

AND

supermicrox11dpg-qtMatch-

Node

supermicrox11dpg-ot-cpu_firmwareMatch1.71.5

AND

supermicrox11dpg-ot-cpuMatch-

Node

supermicrox11dpi-nt_firmwareMatch1.71.5

AND

supermicrox11dpi-ntMatch-

Node

supermicrox11dpi-n_firmwareMatch1.71.5

AND

supermicrox11dpi-nMatch-

Node

supermicrox11dpl-i_firmwareMatch1.71.5

AND

supermicrox11dpl-iMatch-

Node

supermicrox11dpx-t_firmwareMatch1.71.5

AND

supermicrox11dpx-tMatch-

Node

supermicrox11dgo-t_firmwareMatch1.71.5

AND

supermicrox11dgo-tMatch-

Node

supermicrox11sca_firmwareMatch1.71.5

AND

supermicrox11scaMatch-

Node

supermicrox11sca-f_firmwareMatch1.71.5

AND

supermicrox11sca-fMatch-

Node

supermicrox11sch-f_firmwareMatch1.23.2

AND

supermicrox11sch-fMatch-

Node

supermicrox11sch-ln4f_firmwareMatch1.23.2

AND

supermicrox11sch-ln4fMatch-

Node

supermicrox11sca-w_firmwareMatch1.71.5

AND

supermicrox11sca-wMatch-

Node

supermicrox11scl-f_firmwareMatch1.23.2

AND

supermicrox11scl-fMatch-

Node

supermicrox11scl-ln4f_firmwareMatch1.23.2

AND

supermicrox11scl-ln4fMatch-

Node

supermicrox11scl-if_firmwareMatch1.23.2

AND

supermicrox11scl-ifMatch-

Node

supermicrox11scm-f_firmwareMatch1.23.2

AND

supermicrox11scm-fMatch-

Node

supermicrox11scm-ln8f_firmwareMatch1.23.2

AND

supermicrox11scm-ln8fMatch-

Node

supermicrox11scw-f_firmwareMatch3.75.00

AND

supermicrox11scw-fMatch-

Node

supermicrox11spa-t_firmwareMatch1.71.5

AND

supermicrox11spa-tMatch-

Node

supermicrox11spa-tf_firmwareMatch1.71.5

AND

supermicrox11spa-tfMatch-

Node

supermicrox11spi-tf_firmwareMatch1.71.6

AND

supermicrox11spi-tfMatch-

Node

supermicrox11spl-f_firmwareMatch1.71.6

AND

supermicrox11spl-fMatch-

Node

supermicrox11spm-f_firmwareMatch1.71.6

AND

supermicrox11spm-fMatch-

Node

supermicrox11spm-tf_firmwareMatch1.71.6

AND

supermicrox11spm-tfMatch-

Node

supermicrox11spm-tpf_firmwareMatch1.71.6

AND

supermicrox11spm-tpfMatch-

Node

supermicrox11sph-nctf_firmwareMatch1.71.6

AND

supermicrox11sph-nctfMatch-

Node

supermicrox11sph-nctpf_firmwareMatch1.71.6

AND

supermicrox11sph-nctpfMatch-

Node

supermicrox11spw-tf_firmwareMatch1.71.6

AND

supermicrox11spw-tfMatch-

Node

supermicrox11spw-ctf_firmwareMatch1.71.6

AND

supermicrox11spw-ctfMatch-

Node

supermicrox11spg-tf_firmwareMatch1.71.6

AND

supermicrox11spg-tfMatch-

Node

supermicrox11sri-if_firmwareMatch3.75.00

AND

supermicrox11sri-ifMatch-

Node

supermicrox11srl-f_firmwareMatch3.74.2

AND

supermicrox11srl-fMatch-

Node

supermicrox11srm-f_firmwareMatch1.31.1

AND

supermicrox11srm-fMatch-

Node

supermicrox11srm-vf_firmwareMatch1.31.1

AND

supermicrox11srm-vfMatch-

Node

supermicrox11ssl-f_firmwareMatch1.56

AND

supermicrox11ssl-fMatch-

Node

supermicrox11ssm-f_firmwareMatch1.56

AND

supermicrox11ssm-fMatch-

Node

supermicrox11ssl_firmwareMatch1.56

AND

supermicrox11sslMatch-

Node

supermicrox11ssm_firmwareMatch1.56

AND

supermicrox11ssmMatch-

Node

supermicrox11ssh-f_firmwareMatch1.56

AND

supermicrox11ssh-fMatch-

Node

supermicrox11ssh-ln4f_firmwareMatch1.56

AND

supermicrox11ssh-ln4fMatch-

Node

supermicrox11ssw-4tf_firmwareMatch1.56

AND

supermicrox11ssw-4tfMatch-

Node

supermicrox11ssw-tf_firmwareMatch1.56

AND

supermicrox11ssw-tfMatch-

Node

supermicrox11ssw-f_firmwareMatch1.71.5

AND

supermicrox11ssw-fMatch-

Node

supermicrox11ssi-ln4f_firmwareMatch1.71.5

AND

supermicrox11ssi-ln4fMatch-

Node

supermicrox11ssw-f_firmwareMatch3.85.00

AND

supermicrox11ssw-fMatch-

Node

supermicrox11ssh-tf_firmwareMatch1.56

AND

supermicrox11ssh-tfMatch-

Node

supermicrox11ssh-ctf_firmwareMatch1.56

AND

supermicrox11ssh-ctfMatch-

Node

supermicrox11ssl-cf_firmwareMatch1.56

AND

supermicrox11ssl-cfMatch-

Node

supermicrox11ssl-nf_firmwareMatch1.56

AND

supermicrox11ssl-nfMatch-

Node

supermicrox11ssh-gf-1585_firmwareMatch1.56

AND

supermicrox11ssh-gf-1585Match-

Node

supermicrox11ssh-gf-1585l_firmwareMatch1.56

AND

supermicrox11ssh-gf-1585lMatch-

Node

supermicrox11ssh-gtf-1585_firmwareMatch1.56

AND

supermicrox11ssh-gtf-1585Match-

Node

supermicrox11ssh-gtf-1585l_firmwareMatch1.56

AND

supermicrox11ssh-gtf-1585lMatch-

Node

supermicrob11dpt_firmwareMatch3.68

AND

supermicrob11dptMatch-

Node

supermicrob11dpe_firmwareMatch3.68

AND

supermicrob11dpeMatch-

Node

supermicrob11spe-cpu-tf_firmwareMatch3.68

AND

supermicrob11spe-cpu-tfMatch-

Node

supermicrob11spe-cpu-25g_firmwareMatch3.68

AND

supermicrob11spe-cpu-25gMatch-

Node

supermicrob11qpi_firmwareMatch3.68

AND

supermicrob11qpiMatch-

Node

supermicrox11ssd-f_firmwareMatch3.68

AND

supermicrox11ssd-fMatch-

Node

supermicrox11sse-f_firmwareMatch3.68

AND

supermicrox11sse-fMatch-

Node

supermicrob2ss1-cpu_firmwareMatch3.68

AND

supermicrob2ss1-cpuMatch-

Node

supermicrob2ss1-cf_firmwareMatch3.68

AND

supermicrob2ss1-cfMatch-

Node

supermicrob2ss1-f_firmwareMatch3.68

AND

supermicrob2ss1-fMatch-

Node

supermicrob2ss2-f_firmwareMatch3.68

AND

supermicrob2ss2-fMatch-

Node

supermicrob2ss1-mtf_firmwareMatch3.68

AND

supermicrob2ss1-mtfMatch-

Node

supermicrob2ss1-h-mtf_firmwareMatch3.68

AND

supermicrob2ss1-h-mtfMatch-

Node

supermicrob2ss2-mtf_firmwareMatch3.68

AND

supermicrob2ss2-mtfMatch-

Node

supermicrob2ss2-h-mtf_firmwareMatch3.68

AND

supermicrob2ss2-h-mtfMatch-

Node

supermicrox11scd-f_firmwareMatch3.68

AND

supermicrox11scd-fMatch-

Node

supermicrox11sdd-8c-f_firmwareMatch3.68

AND

supermicrox11sdd-8c-fMatch-

Node

supermicrox11sdd-18c-f_firmwareMatch3.68

AND

supermicrox11sdd-18c-fMatch-

Node

supermicrox11qph\+_firmwareMatch1.71.5

AND

supermicrox11qph\+Match-

Node

supermicrox11opi-cpu_firmwareMatch1.71.5

AND

supermicrox11opi-cpuMatch-

Node

supermicrox11sds-8c_firmwareMatch3.74.2

AND

supermicrox11sds-8cMatch-

Node

supermicrox11sds-12c_firmwareMatch3.74.2

AND

supermicrox11sds-12cMatch-

Node

supermicrox11sds-16c_firmwareMatch3.74.2

AND

supermicrox11sds-16cMatch-

Node

supermicrox10ddw-i_firmwareMatch3.83

AND

supermicrox10ddw-iMatch-

Node

supermicrox10ddw-in_firmwareMatch3.83

AND

supermicrox10ddw-inMatch-

Node

supermicrox10drs_firmwareMatch3.83

AND

supermicrox10drsMatch-

Node

supermicrox10drd-i_firmwareMatch3.83

AND

supermicrox10drd-iMatch-

Node

supermicrox10drd-it_firmwareMatch3.83

AND

supermicrox10drd-itMatch-

Node

supermicrox10drd-int_firmwareMatch3.83

AND

supermicrox10drd-intMatch-

Node

supermicrox10drd-intp_firmwareMatch3.83

AND

supermicrox10drd-intpMatch-

Node

supermicrox10drd-itp_firmwareMatch3.83

AND

supermicrox10drd-itpMatch-

Node

supermicrox10drd-l_firmwareMatch3.83

AND

supermicrox10drd-lMatch-

Node

supermicrox10drd-lt_firmwareMatch3.83

AND

supermicrox10drd-ltMatch-

Node

supermicrox10drd-ltp_firmwareMatch3.83

AND

supermicrox10drd-ltpMatch-

Node

supermicrox10drx_firmwareMatch3.83

AND

supermicrox10drxMatch-

Node

supermicrox10drh-cMatch-

AND

supermicrox10drh-c_firmwareMatch3.83

Node

supermicrox10drh-ctMatch-

AND

supermicrox10drh-ct_firmwareMatch3.83

Node

supermicrox10drh-cln4Match-

AND

supermicrox10drh-cln4_firmwareMatch3.83

Node

supermicrox10drh-iMatch-

AND

supermicrox10drh-i_firmwareMatch3.83

Node

supermicrox10drh-itMatch-

AND

supermicrox10drh-it_firmwareMatch3.83

Node

supermicrox10drh-iln4Match-

AND

supermicrox10drh-iln4_firmwareMatch3.83

Node

supermicrox10driMatch-

AND

supermicrox10dri_firmwareMatch3.83

Node

supermicrox10dri-tMatch-

AND

supermicrox10dri-t_firmwareMatch3.83

Node

supermicrox10drc-ln4\+_firmwareMatch3.83

AND

supermicrox10drc-ln4\+Match-

Node

supermicrox10drc-t4\+_firmwareMatch3.83

AND

supermicrox10drc-t4\+Match-

Node

supermicrox10dri-ln4\+_firmwareMatch3.83

AND

supermicrox10dri-ln4\+Match-

Node

supermicrox10dri-t4\+_firmwareMatch3.83

AND

supermicrox10dri-t4\+Match-

Node

supermicrox10drl-ln4_firmwareMatch3.83

AND

supermicrox10drl-ln4Match-

Node

supermicrox10drl-i_firmwareMatch3.83

AND

supermicrox10drl-iMatch-

Node

supermicrox10drl-it_firmwareMatch3.83

AND

supermicrox10drl-itMatch-

Node

supermicrox10drl-c_firmwareMatch3.83

AND

supermicrox10drl-cMatch-

Node

supermicrox10drl-ct_firmwareMatch3.83

AND

supermicrox10drl-ctMatch-

Node

supermicrox10drt-l_firmwareMatch3.83

AND

supermicrox10drt-lMatch-

Node

supermicrox10drt-libq_firmwareMatch3.83

AND

supermicrox10drt-libqMatch-

Node

supermicrox10drt-libf_firmwareMatch3.83

AND

supermicrox10drt-libfMatch-

Node

supermicrox10drt-b\+_firmwareMatch3.83

AND

supermicrox10drt-b\+Match-

Node

supermicrox10drt-h_firmwareMatch3.83

AND

supermicrox10drt-hMatch-

Node

supermicrox10drt-hibf_firmwareMatch3.83

AND

supermicrox10drt-hibfMatch-

Node

supermicrox10drt-ps_firmwareMatch3.83

AND

supermicrox10drt-psMatch-

Node

supermicrox10drt-p_firmwareMatch3.83

AND

supermicrox10drt-pMatch-

Node

supermicrox10drt-pt_firmwareMatch3.83

AND

supermicrox10drt-ptMatch-

Node

supermicrox10drt-pibq_firmwareMatch3.83

AND

supermicrox10drt-pibqMatch-

Node

supermicrox10drt-pibf_firmwareMatch3.83

AND

supermicrox10drt-pibfMatch-

Node

supermicrox10drfr-n_firmwareMatch3.83

AND

supermicrox10drfr-nMatch-

Node

supermicrox10drfr-nt_firmwareMatch3.83

AND

supermicrox10drfr-ntMatch-

Node

supermicrox10drfr_firmwareMatch3.83

AND

supermicrox10drfrMatch-

Node

supermicrox10drfr-t_firmwareMatch3.83

AND

supermicrox10drfr-tMatch-

Node

supermicrox10drff-cg_firmwareMatch3.83

AND

supermicrox10drff-cgMatch-

Node

supermicrox10drff-ctg_firmwareMatch3.83

AND

supermicrox10drff-ctgMatch-

Node

supermicrox10drff-ig_firmwareMatch3.83

AND

supermicrox10drff-igMatch-

Node

supermicrox10drff-itg_firmwareMatch3.83

AND

supermicrox10drff-itgMatch-

Node

supermicrox10drff_firmwareMatch3.83

AND

supermicrox10drffMatch-

Node

supermicrox10drff-c_firmwareMatch3.83

AND

supermicrox10drff-cMatch-

Node

supermicrox10drw-n_firmwareMatch3.83

AND

supermicrox10drw-nMatch-

Node

supermicrox10drw-nt_firmwareMatch3.83

AND

supermicrox10drw-ntMatch-

Node

supermicrox10drw-e_firmwareMatch3.83

AND

supermicrox10drw-eMatch-

Node

supermicrox10drw-et_firmwareMatch3.83

AND

supermicrox10drw-etMatch-

Node

supermicrox10drw-i_firmwareMatch3.83

AND

supermicrox10drw-iMatch-

Node

supermicrox10drw-it_firmwareMatch3.83

AND

supermicrox10drw-itMatch-

Node

supermicrox10dsn-ts_firmwareMatch3.83

AND

supermicrox10dsn-tsMatch-

Node

supermicrox10drg-ot\+-cpu_firmwareMatch3.83

AND

supermicrox10drg-ot\+-cpuMatch-

Node

supermicrox10drg-o\+-cpu_firmwareMatch3.83

AND

supermicrox10drg-o\+-cpuMatch-

Node

supermicrox10dgo-t_firmwareMatch3.83

AND

supermicrox10dgo-tMatch-

Node

supermicrox10dgq_firmwareMatch3.83

AND

supermicrox10dgqMatch-

Node

supermicrox10drg-q_firmwareMatch3.83

AND

supermicrox10drg-qMatch-

Node

supermicrox10drg-h_firmwareMatch3.83

AND

supermicrox10drg-hMatch-

Node

supermicrox10drg-ht_firmwareMatch3.83

AND

supermicrox10drg-htMatch-

Node

supermicrox10dru-i\+_firmwareMatch3.83

AND

supermicrox10dru-i\+Match-

Node

supermicrox10dru-x_firmwareMatch3.83

AND

supermicrox10dru-xMatch-

Node

supermicrox10dru-xll_firmwareMatch3.83

AND

supermicrox10dru-xllMatch-

Node

supermicrox10dsc\+_firmwareMatch3.83

AND

supermicrox10dsc\+Match-

Node

supermicrox10sra-f_firmwareMatch3.83

AND

supermicrox10sra-fMatch-

Node

supermicrox10sra_firmwareMatch3.83

AND

supermicrox10sraMatch-

Node

supermicrox10srd-f_firmwareMatch3.83

AND

supermicrox10srd-fMatch-

Node

supermicrox10srm-f_firmwareMatch3.83

AND

supermicrox10srm-fMatch-

Node

supermicrox10srm-tf_firmwareMatch3.83

AND

supermicrox10srm-tfMatch-

Node

supermicrox10srl-f_firmwareMatch3.83

AND

supermicrox10srl-fMatch-

Node

supermicrox10sri-f_firmwareMatch3.83

AND

supermicrox10sri-fMatch-

Node

supermicrox10srh-cf_firmwareMatch3.83

AND

supermicrox10srh-cfMatch-

Node

supermicrox10srh-cln4f_firmwareMatch3.83

AND

supermicrox10srh-cln4fMatch-

Node

supermicrox10srg-f_firmwareMatch3.83

AND

supermicrox10srg-fMatch-

Node

supermicrox10srl-f_firmwareMatch3.83

AND

supermicrox10srl-fMatch-

Node

supermicrox10srw-f_firmwareMatch3.83

AND

supermicrox10srw-fMatch-

Node

supermicrox10sae_firmwareMatch3.83

AND

supermicrox10saeMatch-

Node

supermicrox10sat_firmwareMatch3.83

AND

supermicrox10satMatch-

Node

supermicrox10slx-f_firmwareMatch3.83

AND

supermicrox10slx-fMatch-

Node

supermicrox10sld-f_firmwareMatch3.83

AND

supermicrox10sld-fMatch-

Node

supermicrox10sld-hf_firmwareMatch3.83

AND

supermicrox10sld-hfMatch-

Node

supermicrox10sle-f_firmwareMatch3.83

AND

supermicrox10sle-fMatch-

Node

supermicrox10sle-hf_firmwareMatch3.83

AND

supermicrox10sle-hfMatch-

Node

supermicrox10sle-df_firmwareMatch3.83

AND

supermicrox10sle-dfMatch-

Node

supermicrox10sl7-f_firmwareMatch3.83

AND

supermicrox10sl7-fMatch-

Node

supermicrox10sla-f_firmwareMatch3.83

AND

supermicrox10sla-fMatch-

Node

supermicrox10slh-f_firmwareMatch3.83

AND

supermicrox10slh-fMatch-

Node

supermicrox10sll\+-f_firmwareMatch3.83

AND

supermicrox10sll\+-fMatch-

Node

supermicrox10sll-f_firmwareMatch3.83

AND

supermicrox10sll-fMatch-

Node

supermicrox10sll-sf_firmwareMatch3.83

AND

supermicrox10sll-sfMatch-

Node

supermicrox10sll-s_firmwareMatch3.83

AND

supermicrox10sll-sMatch-

Node

supermicrox10slm-f_firmwareMatch3.83

AND

supermicrox10slm-fMatch-

Node

supermicrox10slm\+-f_firmwareMatch3.83

AND

supermicrox10slm\+-fMatch-

Node

supermicrox10slm\+-ln4f_firmwareMatch3.83

AND

supermicrox10slm\+-ln4fMatch-

Node

supermicrox10sde-df_firmwareMatch3.68

AND

supermicrox10sde-dfMatch-

Node

supermicrox10sdd-16c-f_firmwareMatch3.68

AND

supermicrox10sdd-16c-fMatch-

Node

supermicrox10sdd-f_firmwareMatch3.68

AND

supermicrox10sdd-fMatch-

Node

supermicrob1sd1-16c-tf_firmwareMatch3.68

AND

supermicrob1sd1-16c-tfMatch-

Node

supermicrob1sd1-tf_firmwareMatch3.68

AND

supermicrob1sd1-tfMatch-

Node

supermicrob1sd2-16c-tf_firmwareMatch3.68

AND

supermicrob1sd2-16c-tfMatch-

Node

supermicrob1sd2-tf_firmwareMatch3.68

AND

supermicrob1sd2-tfMatch-

Node

supermicrob10drc_firmwareMatch3.68

AND

supermicrob10drcMatch-

Node

supermicrob10drc-n_firmwareMatch3.68

AND

supermicrob10drc-nMatch-

Node

supermicrob10dri_firmwareMatch3.68

AND

supermicrob10driMatch-

Node

supermicrob10dri-n_firmwareMatch3.68

AND

supermicrob10dri-nMatch-

Node

supermicrob10drg-ibf_firmwareMatch3.68

AND

supermicrob10drg-ibfMatch-

Node

supermicrob10drg-ibf2_firmwareMatch3.68

AND

supermicrob10drg-ibf2Match-

Node

supermicrob10drg-tp_firmwareMatch3.68

AND

supermicrob10drg-tpMatch-

Node

supermicrob10drt_firmwareMatch3.68

AND

supermicrob10drtMatch-

Node

supermicrob10drt-ibf_firmwareMatch3.68

AND

supermicrob10drt-ibfMatch-

Node

supermicrob10drt-ibf2_firmwareMatch3.68

AND

supermicrob10drt-ibf2Match-

Node

supermicrob10drt-tp_firmwareMatch3.68

AND

supermicrob10drt-tpMatch-

Node

supermicrox10qrh\+_firmwareMatch3.80

AND

supermicrox10qrh\+Match-

Node

supermicrox10qbl-4_firmwareMatch3.80

AND

supermicrox10qbl-4Match-

Node

supermicrox10qbl-4ct_firmwareMatch3.80

AND

supermicrox10qbl-4ctMatch-

Node

supermicrox10qbl_firmwareMatch3.80

AND

supermicrox10qblMatch-

Node

supermicrox10qbl-ct_firmwareMatch3.80

AND

supermicrox10qbl-ctMatch-

Node

supermicrox10qbi_firmwareMatch3.81

AND

supermicrox10qbiMatch-

Node

supermicrox10obi-cpu_firmwareMatch3.83

AND

supermicrox10obi-cpuMatch-

Node

supermicrox10dbt-t_firmwareMatch3.83

AND

supermicrox10dbt-tMatch-

Node

supermicrox10sdv-7tp8f_firmwareMatch3.83

AND

supermicrox10sdv-7tp8fMatch-

Node

supermicrox10sdv-7tp4f_firmwareMatch3.83

AND

supermicrox10sdv-7tp4fMatch-

Node

supermicrox10sdv-2c-7tp4f_firmwareMatch3.83

AND

supermicrox10sdv-2c-7tp4fMatch-

Node

supermicrox10sdv-4c-7tp4f_firmwareMatch3.83

AND

supermicrox10sdv-4c-7tp4fMatch-

Node

supermicrox10sdv-2c-tp4f_firmwareMatch3.83

AND

supermicrox10sdv-2c-tp4fMatch-

Node

supermicrox10sdv-4c\+-tp4f_firmwareMatch3.83

AND

supermicrox10sdv-4c\+-tp4fMatch-

Node

supermicrox10sdv-2c-tp8f_firmwareMatch3.83

AND

supermicrox10sdv-2c-tp8fMatch-

Node

supermicrox10sdv-tp8f_firmwareMatch3.83

AND

supermicrox10sdv-tp8fMatch-

Node

supermicrox10sdv-f_firmwareMatch3.83

AND

supermicrox10sdv-fMatch-

Node

supermicrox10sdv-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-tln4fMatch-

Node

supermicrox10sdv-8c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-8c-tln4fMatch-

Node

supermicrox10sdv-6c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-6c-tln4fMatch-

Node

supermicrox10sdv-2c-tln2f_firmwareMatch3.83

AND

supermicrox10sdv-2c-tln2fMatch-

Node

supermicrox10sdv-4c-tln2f_firmwareMatch3.83

AND

supermicrox10sdv-4c-tln2fMatch-

Node

supermicrox10sdv-4c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-4c-tln4fMatch-

Node

supermicrox10sdv-4c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-4c\+-tln4fMatch-

Node

supermicrox10sdv-6c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-6c\+-tln4fMatch-

Node

supermicrox10sdv-8c-tln4f\+_firmwareMatch3.83

AND

supermicrox10sdv-8c-tln4f\+Match-

Node

supermicrox10sdv-8c\+-ln2f_firmwareMatch3.83

AND

supermicrox10sdv-8c\+-ln2fMatch-

Node

supermicrox10sdv-12c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-12c-tln4fMatch-

Node

supermicrox10sdv-12c-tln4f\+_firmwareMatch3.83

AND

supermicrox10sdv-12c-tln4f\+Match-

Node

supermicrox10sdv-12c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-12c\+-tln4fMatch-

Node

supermicrox10sdv-16c\+-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-16c\+-tln4fMatch-

Node

supermicrox10sdv-16c-tln4f\+_firmwareMatch3.83

AND

supermicrox10sdv-16c-tln4f\+Match-

Node

supermicrox10sdv-16c-tln4f_firmwareMatch3.83

AND

supermicrox10sdv-16c-tln4fMatch-

Node

supermicroa1srm-ln7f-2358_firmwareMatch3.83

AND

supermicroa1srm-ln7f-2358Match-

Node

supermicroa1srm-ln7f-2758_firmwareMatch3.83

AND

supermicroa1srm-ln7f-2758Match-

Node

supermicroa1srm-ln5f-2358_firmwareMatch3.83

AND

supermicroa1srm-ln5f-2358Match-

Node

supermicroa1sa2-2750f_firmwareMatch3.83

AND

supermicroa1sa2-2750fMatch-

Node

supermicroa1sam-2750f_firmwareMatch3.83

AND

supermicroa1sam-2750fMatch-

Node

supermicroa1sam-2550f_firmwareMatch3.83

AND

supermicroa1sam-2550fMatch-

Node

supermicroa1srm-2758f_firmwareMatch3.83

AND

supermicroa1srm-2758fMatch-

Node

supermicroa1srm-2558f_firmwareMatch3.83

AND

supermicroa1srm-2558fMatch-

Node

supermicroa1sai-2750f_firmwareMatch3.83

AND

supermicroa1sai-2750fMatch-

Node

supermicroa1sai-2550f_firmwareMatch3.83

AND

supermicroa1sai-2550fMatch-

Node

supermicroa1sri-2758f_firmwareMatch3.83

AND

supermicroa1sri-2758fMatch-

Node

supermicroa1sri-2558f_firmwareMatch3.83

AND

supermicroa1sri-2558fMatch-

Node

supermicroa1sri-2358f_firmwareMatch3.83

AND

supermicroa1sri-2358fMatch-

CPENameOperatorVersion
supermicro:x11dai-n_firmwaresupermicro x11dai-n firmwareeq1.71.5

CPE	Name	Operator	Version
supermicro:x11dai-n_firmware	supermicro x11dai-n firmware	eq	1.71.5

References

eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/

github.com/eclypsium/USBAnywhere

www.supermicro.com/support/security_BMC_virtual_media.cfm

Social References

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

JSON

Related for CVE-2019-16650

cvelist1 prion1 nvd1 ibm1