Bmc Security Vulnerabilities

CVE-2023-31037

NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the...

CVE-2023-31015

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of...

CVE-2023-31013

NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information...

CVE-2023-31011

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information...

CVE-2023-31012

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information...

CVE-2023-31010

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of...

CVE-2023-31008

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information...

CVE-2023-25534

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2023-31009

NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information...

CVE-2023-25532

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information...

CVE-2023-25531

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of...

CVE-2023-25533

NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of...

CVE-2023-25529

NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information...

CVE-2023-25528

NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial....

CVE-2023-25530

NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information...

CVE-2023-25527

NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information...

CVE-2023-34355

Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2023-2538

A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. This can then be abused to perform...

CVE-2023-28411

Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local...

CVE-2023-25776

Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local...

CVE-2023-25545

Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local...

CVE-2023-24475

Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local...

CVE-2023-25175

Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local...

CVE-2023-22661

Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local...

CVE-2023-22443

Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local...

CVE-2023-22442

Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local...

CVE-2023-22379

Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local...

CVE-2023-22297

Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local...

CVE-2023-25507

NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data...

CVE-2023-25508

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data...

CVE-2023-25505

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code...

CVE-2023-0200

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information...

CVE-2023-0201

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information...

CVE-2022-29493

Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network...

CVE-2022-42287

NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data...

CVE-2022-42280

NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead to authentication...

CVE-2022-42282

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can access arbitrary files, which may lead to information...

CVE-2022-42283

NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code...

CVE-2022-42284

NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials...

CVE-2022-42278

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data...

CVE-2022-42275

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of...

CVE-2022-42274

NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code...

CVE-2022-28866

Multiple Improper Access Control was discovered in Nokia AirFrame BMC Web GUI < R18 Firmware v4.13.00. It does not properly validate requests for access to (or editing of) data and functionality in all endpoints under /#settings/ and /api/settings/. By not verifying the permissions for access to...

CVE-2013-4782

The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary...

CVE-2021-31791

In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or timeout of a...

CVE-2021-28204

The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command...

CVE-2021-28205

The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system...

CVE-2021-28209

The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system...

CVE-2021-28208

The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system...

CVE-2021-28206

The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system...