Lucene search

K
cve[email protected]CVE-2023-37293
HistoryJan 09, 2024 - 11:15 p.m.

CVE-2023-37293

2024-01-0923:15:08
CWE-787
CWE-121
web.nvd.nist.gov
6
ami
spx
vulnerability
cve-2023-37293
bmc
buffer overflow
network
exploitation
confidentiality
integrity
availability
nvd

9.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause a
stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.

Affected configurations

NVD
Node
amimegarac_sp-xRange1212.7
OR
amimegarac_sp-xRange1313.6

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "MegaRAC_SPx",
    "vendor": "AMI",
    "versions": [
      {
        "lessThan": "12.7",
        "status": "affected",
        "version": "12",
        "versionType": "RC"
      },
      {
        "lessThan": "13.6",
        "status": "affected",
        "version": "13",
        "versionType": "RC"
      }
    ]
  }
]

9.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.2%

Related for CVE-2023-37293