Lucene search
HistoryJan 30, 2023 - 4:15 p.m.
CVE-2022-26872
ami
megarac
password reset
interception
api
cve-2022-26872
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.002
Percentile
60.9%
AMI Megarac Password reset interception via API
Affected configurations
Node
amimegarac_sp-xMatch12-
ORamimegarac_sp-xMatch13-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ami | megarac_sp-x | 12 | cpe:2.3:o:ami:megarac_sp-x:12:-:*:*:*:*:*:* |
| ami | megarac_sp-x | 13 | cpe:2.3:o:ami:megarac_sp-x:13:-:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-26872 Password reset interception via API
2023-01-30 15:55:38
prion
prion
Design/Logic Flaw
2023-01-30 16:15:00
cert
cert
Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
2022-04-28 00:00:00
cve
cve
CVE-2022-26872
2023-01-30 16:15:08
vulnrichment
vulnrichment
CVE-2022-26872 Password reset interception via API
2023-01-30 15:55:38
thn
thn
Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks
2023-07-20 16:56:00
nvidia
nvidia
Security Bulletin: NVIDIA DGX A100 and DGX A800 - June 2023
2023-06-30 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.002
Percentile
60.9%
Related for NVD:CVE-2022-26872