History: Apr 06, 2021 - 5:15 a.m.

CVE-2021-28208

2021-04-06 05:15:17
CWE-22
web.nvd.nist.gov
35
asus
bmc
firmware
web management
unauthorized access
security vulnerability
cve-2021-28208

CVSS3: 4.9 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score: 5.2 Medium (Confidence: High)

CVSS2: 6.8 Medium

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: NONE
Availability Impact: NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

EPSS: 0.002 Low (Percentile: 58.9%)

The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. After obtaining administrator permission, remote attackers can use path traversal to access system files.

Affected configurations

NVD

Node: asus asmb9-ikvm_firmware Match 1.11.12 AND asus asmb9-ikvm Match -
Node: asus rs720a-e9-rs24-e_firmware Match 1.10.3 AND asus rs720a-e9-rs24-e Match -
Node: asus rs700a-e9-rs4_firmware Match 1.10.0 AND asus rs700a-e9-rs4 Match -
Node: asus rs700-e9-rs4_firmware Match 1.09 AND asus rs700-e9-rs4 Match -
Node: asus esc4000_g4x_firmware Match 1.11.6 AND asus esc4000_g4x Match -
Node: asus rs700-e9-rs12_firmware Match 1.11.5 AND asus rs700-e9-rs12 Match -
Node: asus rs100-e10-pi2_firmware Match 1.13.6 AND asus rs100-e10-pi2 Match -
Node: asus rs300-e10-ps4_firmware Match 1.13.6 AND asus rs300-e10-ps4 Match -
Node: asus rs300-e10-rs4_firmware Match 1.13.6 AND asus rs300-e10-rs4 Match -
Node: asus rs500a-e9-ps4_firmware Match 1.14.1 AND asus rs500a-e9-ps4 Match -
Node: asus rs500a-e9-rs4_firmware Match 1.14.1 AND asus rs500a-e9-rs4 Match -
Node: asus rs500a-e9_rs4_u_firmware Match 1.14.1 AND asus rs500a-e9_rs4_u Match -
Node: asus e700_g4_firmware Match 1.14.1 AND asus e700_g4 Match -
Node: asus ws_c422_pro\/se_firmware Match 1.14.1 AND asus ws_c422_pro\/se Match -
Node: asus ws_x299_pro\/se_firmware Match 1.14.1 AND asus ws_x299_pro\/se Match -
Node: asus z11pa-u12_firmware Match 1.15.1 AND asus z11pa-u12 Match -
Node: asus z11pa-u12\/10g-2s_firmware Match 1.15.1 AND asus z11pa-u12\/10g-2s Match -
Node: asus knpa-u16_firmware Match 1.13.4 AND asus knpa-u16 Match -
Node: asus esc4000_dhd_g4_firmware Match 1.13.7 AND asus esc4000_dhd_g4 Match -
Node: asus esc4000_g4_firmware Match 1.15.2 AND asus esc4000_g4 Match -
Node: asus rs720q-e9-rs24-s_firmware Match 1.15.0 AND asus rs720q-e9-rs24-s Match -
Node: asus rs720q-e9-rs8_firmware Match 1.15.0 AND asus rs720q-e9-rs8 Match -
Node: asus rs720q-e9-rs8-s_firmware Match 1.15.0 AND asus rs720q-e9-rs8-s Match -
Node: asus z11pa-d8_firmware Match 1.14.1 AND asus z11pa-d8 Match -
Node: asus z11pa-d8c_firmware Match 1.14.1 AND asus z11pa-d8c Match -
Node: asus rs720-e9-rs24-u Match - AND asus rs720-e9-rs24-u_firmware Match 1.14.3
Node: asus rs720-e9-rs8-g Match - AND asus rs720-e9-rs8-g_firmware Match 1.15.2
Node: asus rs500-e9-ps4 Match - AND asus rs500-e9-ps4_firmware Match 1.15.4
Node: asus pro_e800_g4 Match - AND asus pro_e800_g4_firmware Match 1.14.2
Node: asus rs500-e9-rs4 Match - AND asus rs500-e9-rs4_firmware Match 1.15.4
Node: asus rs500-e9-rs4-u Match - AND asus rs500-e9-rs4-u_firmware Match 1.15.4
Node: asus rs520-e9-rs12-e Match - AND asus rs520-e9-rs12-e_firmware Match 1.15.3
Node: asus rs520-e9-rs8 Match - AND asus rs520-e9-rs8_firmware Match 1.15.3
Node: asus esc8000_g4_firmware Match 1.15.4 AND asus esc8000_g4 Match -
Node: asus esc8000_g4\/10g_firmware Match 1.15.4 AND asus esc8000_g4\/10g Match -
Node: asus rs720-e9-rs12-e_firmware Match 1.15.2 AND asus rs720-e9-rs12-e Match -
Node: asus ws_c621e_sage_firmware Match 1.15.1 AND asus ws_c621e_sage Match -
Node: asus rs500a-e10-ps4_firmware Match 1.15.2 AND asus rs500a-e10-ps4 Match -
Node: asus rs500a-e10-rs4_firmware Match 1.15.2 AND asus rs500a-e10-rs4 Match -
Node: asus rs700a-e9-rs12v2_firmware Match 1.15.1 AND asus rs700a-e9-rs12v2 Match -
Node: asus rs700a-e9-rs4v2_firmware Match 1.15.1 AND asus rs700a-e9-rs4v2 Match -
Node: asus rs720a-e9-rs12v2_firmware Match 1.15.2 AND asus rs720a-e9-rs12v2 Match -
Node: asus rs720a-e9-rs24v2_firmware Match 1.15.1 AND asus rs720a-e9-rs24v2 Match -
Node: asus z11pr-d16_firmware Match 1.15.3 AND asus z11pr-d16 Match -

CNA Affected

[
  {
    "product": "BMC firmware for ASMB9-iKVM",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.11.12"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720A-E9-RS24-E",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.10.3"
      }
    ]
  },
  {
    "product": "BMC firmware for RS700A-E9-RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.10.0"
      }
    ]
  },
  {
    "product": "BMC firmware for RS700-E9-RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.09"
      }
    ]
  },
  {
    "product": "BMC firmware for ESC4000 G4X",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.11.6"
      }
    ]
  },
  {
    "product": "BMC firmware for RS700-E9-RS12",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.11.5"
      }
    ]
  },
  {
    "product": "BMC firmware for RS100-E10-PI2",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.13.6"
      }
    ]
  },
  {
    "product": "BMC firmware for RS300-E10-PS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.13.6"
      }
    ]
  },
  {
    "product": "BMC firmware for RS300-E10-RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.13.6"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500A-E9-PS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500A-E9-RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500A-E9 RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for E700 G4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for WS C422 PRO/SE",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for WS X299 PRO/SE",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for Z11PA-U12",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.1"
      }
    ]
  },
  {
    "product": "BMC firmware for Z11PA-U12/10G-2S",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.1"
      }
    ]
  },
  {
    "product": "BMC firmware for KNPA-U16",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.13.4"
      }
    ]
  },
  {
    "product": "BMC firmware for ESC4000 DHD G4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.13.7"
      }
    ]
  },
  {
    "product": "BMC firmware for ESC4000 G4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.2"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720Q-E9-RS24-S",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.0"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720Q-E9-RS8",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.0"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720Q-E9-RS8-S",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.0"
      }
    ]
  },
  {
    "product": "BMC firmware for Z11PA-D8",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for Z11PA-D8C",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.1"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720-E9-RS24-U",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.3"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720-E9-RS8-G",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.2"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500-E9-PS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.4"
      }
    ]
  },
  {
    "product": "BMC firmware for Pro E800 G4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.14.2"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500-E9-RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.4"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500-E9-RS4-U",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.4"
      }
    ]
  },
  {
    "product": "BMC firmware for RS520-E9-RS12-E",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.3"
      }
    ]
  },
  {
    "product": "BMC firmware for RS520-E9-RS8",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.3"
      }
    ]
  },
  {
    "product": "BMC firmware for ESC8000 G4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.4"
      }
    ]
  },
  {
    "product": "BMC firmware for ESC8000 G4/10G",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.4"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720-E9-RS12-E",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.2"
      }
    ]
  },
  {
    "product": "BMC firmware for WS C621E SAGE",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.1"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500A-E10-PS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.2"
      }
    ]
  },
  {
    "product": "BMC firmware for RS500A-E10-RS4",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.2"
      }
    ]
  },
  {
    "product": "BMC firmware for RS700A-E9-RS12V2",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.1"
      }
    ]
  },
  {
    "product": "BMC firmware for RS700A-E9-RS4V2",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.1"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720A-E9-RS12V2",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.2"
      }
    ]
  },
  {
    "product": "BMC firmware for RS720A-E9-RS24V2",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.1"
      }
    ]
  },
  {
    "product": "BMC firmware for Z11PR-D16",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "1.15.3"
      }
    ]
  }
]
