Lucene search
K

414 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:6 p.m.11 views

CVE-2012-4096

The local file editor in the Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574...

6.2CVSS7AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 a.m.7 views

CVE-2019-11179

Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access...

6.5CVSS6.3AI score0.00874EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:43 a.m.10 views

CVE-2019-11171

Heap corruption in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access...

9.8CVSS7.6AI score0.01561EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:19 a.m.6 views

CVE-2019-5497

NetApp AFF A700s Baseboard Management Controller BMC firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution...

9.8CVSS7.4AI score0.02866EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:49 a.m.6 views

CVE-2012-4112

The Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330...

6.8CVSS7.8AI score0.00328EPSS
Exploits0References1
ICS
ICS
added 2025/05/13 12:0 a.m.10 views

Siemens SIMATIC IPC RS-828A

SUMMARY SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller BMC that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire...

10CVSS7.6AI score0.61202EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/03/21 12:0 a.m.13 views

PT-2025-12460 · Absolute Security +1 · Secure Access

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: This is the first Baseboard Management Controller BMC-related issue to appear on the CISA Known Exploited Vulnerabilities KEV list. It has been observed being exploited in the wild. Recommendations...

5.1CVSS6.2AI score0.00197EPSS
Exploits0References8
OSV
OSV
added 2025/03/11 2:15 p.m.3 views

CVE-2024-54085

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

9.8CVSS5.8AI score0.61202EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.5 views

AMI MegaRAC 安全漏洞

AMI MegaRAC is a family of service processor products from AMI, Inc. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI...

10CVSS6.8AI score0.61202EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.52 views

PT-2025-6483 · Intel · Intel Server Board S2600Bp +3

Name of the Vulnerable Software and Affected Versions: IntelR Server Board S2600WF versions prior to 02.01.0017 IntelR Server Board S2600ST versions prior to 02.01.0017 IntelR Server Board S2600BP versions prior to 02.01.0017 IntelR Server Board M50CYP versions prior to R01.01.0009 IntelR Server...

7.3CVSS7.4AI score0.00194EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.6 views

PT-2024-5266 · Supermicro · Supermicro X11Dpg-Hgx2 +2

Name of the Vulnerable Software and Affected Versions: Supermicro X11DPG-HGX2 versions prior to BIOS firmware 4.4 Supermicro X11PDG-QT versions prior to BIOS firmware 4.4 Supermicro X11PDG-OT versions prior to BIOS firmware 4.4 Supermicro X11PDG-SN versions prior to BIOS firmware 4.4 Description:...

7.5CVSS7.9AI score0.00152EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.7 views

Supermicro BMC Security Vulnerability

Supermicro BMC is a firmware from Supermicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in the Supermicro BMC that originates from an unauthenticated user being able to post forged data to an interface that triggers a stack buffer...

9.8CVSS8.1AI score0.01293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.11 views

PT-2024-25703 · Ipmi · Ipmi

Name of the Vulnerable Software and Affected Versions: IPMI affected versions not specified Description: The issue concerns implementations of IPMI Authenticated sessions that do not provide enough randomness, making them susceptible to session hijacking. An attacker can exploit this by using...

9.1CVSS7AI score0.00718EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/04/10 12:0 a.m.5 views

The vulnerability of the Intel One Boot Flash Update (OFU) utility for updating BIOS and microprograms (BMC, FRU, and SDR) arises from a flaw in the data protection mechanism. This vulnerability allows an attacker to enhance their privileges.

The vulnerability of the Intel One Boot Flash Update OFU for updating BIOS and microprograms BMC, FRU, and SDR is related to a flaw in the data protection mechanism. Exploiting this vulnerability can allow an attacker to enhance their privileges...

6.7CVSS6.6AI score0.00191EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/03/27 4:15 a.m.2 views

CVE-2023-40289

A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges...

7.2CVSS5.8AI score0.17767EPSS
Exploits1References4
OSV
OSV
added 2024/03/27 4:15 a.m.4 views

CVE-2023-40289

A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges...

7.2CVSS5.8AI score0.17767EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.5 views

Supermicro X11 安全漏洞

The Supermicro X11 is a server motherboard from American Supermicro Computer Supermicro. A security vulnerability exists in Supermicro X11SSM-F, X11SAE-F, X11SSE-F version 1.66. An attacker could exploit this vulnerability to elevate the privileges of a user with BMC administrative privileges...

7.2CVSS6.7AI score0.17767EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/02/22 12:0 a.m.5 views

The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers stems from deficiencies in the authentication process, allowing attackers to escalate their privileges.

The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...

5.2CVSS5.9AI score0.00213EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.9 views

The vulnerability of the Host KVM Daemon on the BMC – Baseboard Management Controller of the NVIDIA DGX A100 server allows a attacker to gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.

The vulnerability of the NVIDIA DGX A100 server’s Host KVM Daemon, a device management controller, lies in the fact that operation data is written outside of the buffer in memory. Exploiting this vulnerability allows an attacker to gain access to read, modify, or delete data, execute arbitrary...

9.3CVSS8.2AI score0.00603EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.8 views

The vulnerability of the BMC (Baseboard Management Controller) on the NVIDIA DGX A100 server allows a hacker to enhance their privileges, gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.

The vulnerability of the BMC Baseboard Management Controller in NVIDIA’s DGX A100 server lies in the absence of authentication procedures for critical functions. Exploiting this vulnerability allows an attacker to enhance their privileges, gain read, write, or delete access to data, execute...

7.2CVSS7.8AI score0.00305EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder