CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
44.0%
A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information.
Vendor | Product | Version | CPE |
---|---|---|---|
supermicro | m11sdv-4c-ln4f | - | cpe:2.3:h:supermicro:m11sdv-4c-ln4f:-:*:*:*:*:*:*:* |
supermicro | m11sdv-4c-ln4f_firmware | * | cpe:2.3:o:supermicro:m11sdv-4c-ln4f_firmware:*:*:*:*:*:*:*:* |
supermicro | m11sdv-4ct-ln4f | - | cpe:2.3:h:supermicro:m11sdv-4ct-ln4f:-:*:*:*:*:*:*:* |
supermicro | m11sdv-4ct-ln4f_firmware | * | cpe:2.3:o:supermicro:m11sdv-4ct-ln4f_firmware:*:*:*:*:*:*:*:* |
supermicro | m11sdv-8c-ln4f | - | cpe:2.3:h:supermicro:m11sdv-8c-ln4f:-:*:*:*:*:*:*:* |
supermicro | m11sdv-8c-ln4f_firmware | * | cpe:2.3:o:supermicro:m11sdv-8c-ln4f_firmware:*:*:*:*:*:*:*:* |
supermicro | m11sdv-8ct-ln4f | - | cpe:2.3:h:supermicro:m11sdv-8ct-ln4f:-:*:*:*:*:*:*:* |
supermicro | m11sdv-8ct-ln4f_firmware | * | cpe:2.3:o:supermicro:m11sdv-8ct-ln4f_firmware:*:*:*:*:*:*:*:* |
supermicro | m11sdv-8c\+-ln4f | - | cpe:2.3:h:supermicro:m11sdv-8c\+-ln4f:-:*:*:*:*:*:*:* |
supermicro | m11sdv-8c\+-ln4f_firmware | * | cpe:2.3:o:supermicro:m11sdv-8c\+-ln4f_firmware:*:*:*:*:*:*:*:* |