414 matches found
CVE-2012-4096
The local file editor in the Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574...
CVE-2019-11179
Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access...
CVE-2019-11171
Heap corruption in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access...
CVE-2019-5497
NetApp AFF A700s Baseboard Management Controller BMC firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution...
CVE-2012-4112
The Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330...
Siemens SIMATIC IPC RS-828A
SUMMARY SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller BMC that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire...
PT-2025-12460 · Absolute Security +1 · Secure Access
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: This is the first Baseboard Management Controller BMC-related issue to appear on the CISA Known Exploited Vulnerabilities KEV list. It has been observed being exploited in the wild. Recommendations...
CVE-2024-54085
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
AMI MegaRAC 安全漏洞
AMI MegaRAC is a family of service processor products from AMI, Inc. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI...
PT-2025-6483 · Intel · Intel Server Board S2600Bp +3
Name of the Vulnerable Software and Affected Versions: IntelR Server Board S2600WF versions prior to 02.01.0017 IntelR Server Board S2600ST versions prior to 02.01.0017 IntelR Server Board S2600BP versions prior to 02.01.0017 IntelR Server Board M50CYP versions prior to R01.01.0009 IntelR Server...
PT-2024-5266 · Supermicro · Supermicro X11Dpg-Hgx2 +2
Name of the Vulnerable Software and Affected Versions: Supermicro X11DPG-HGX2 versions prior to BIOS firmware 4.4 Supermicro X11PDG-QT versions prior to BIOS firmware 4.4 Supermicro X11PDG-OT versions prior to BIOS firmware 4.4 Supermicro X11PDG-SN versions prior to BIOS firmware 4.4 Description:...
Supermicro BMC Security Vulnerability
Supermicro BMC is a firmware from Supermicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the Supermicro BMC that originates from an unauthenticated user being able to post forged data to an interface that triggers a stack buffer...
PT-2024-25703 · Ipmi · Ipmi
Name of the Vulnerable Software and Affected Versions: IPMI affected versions not specified Description: The issue concerns implementations of IPMI Authenticated sessions that do not provide enough randomness, making them susceptible to session hijacking. An attacker can exploit this by using...
The vulnerability of the Intel One Boot Flash Update (OFU) utility for updating BIOS and microprograms (BMC, FRU, and SDR) arises from a flaw in the data protection mechanism. This vulnerability allows an attacker to enhance their privileges.
The vulnerability of the Intel One Boot Flash Update OFU for updating BIOS and microprograms BMC, FRU, and SDR is related to a flaw in the data protection mechanism. Exploiting this vulnerability can allow an attacker to enhance their privileges...
CVE-2023-40289
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges...
CVE-2023-40289
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges...
Supermicro X11 安全漏洞
The Supermicro X11 is a server motherboard from American Supermicro Computer Supermicro. A security vulnerability exists in Supermicro X11SSM-F, X11SAE-F, X11SSE-F version 1.66. An attacker could exploit this vulnerability to elevate the privileges of a user with BMC administrative privileges...
The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers stems from deficiencies in the authentication process, allowing attackers to escalate their privileges.
The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Host KVM Daemon on the BMC – Baseboard Management Controller of the NVIDIA DGX A100 server allows a attacker to gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.
The vulnerability of the NVIDIA DGX A100 server’s Host KVM Daemon, a device management controller, lies in the fact that operation data is written outside of the buffer in memory. Exploiting this vulnerability allows an attacker to gain access to read, modify, or delete data, execute arbitrary...
The vulnerability of the BMC (Baseboard Management Controller) on the NVIDIA DGX A100 server allows a hacker to enhance their privileges, gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.
The vulnerability of the BMC Baseboard Management Controller in NVIDIA’s DGX A100 server lies in the absence of authentication procedures for critical functions. Exploiting this vulnerability allows an attacker to enhance their privileges, gain read, write, or delete access to data, execute...