Lucene search

[email protected]NVD:CVE-2013-4782

HistoryJul 08, 2013 - 10:55 p.m.

CVE-2013-4782

2013-07-0822:55:01

CWE-287

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.07 Low

EPSS

Percentile

94.0%

JSON

The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Affected configurations

NVD

Node

supermicrobmc

References

fish2.com/ipmi/cipherzero.html

osvdb.org/show/osvdb/93038

www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero

www.wired.com/threatlevel/2013/07/ipmi/

lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.07 Low

EPSS

Percentile

94.0%

JSON

Related for NVD:CVE-2013-4782

prion1 cvelist1 cve1