CVE-2021-28178

The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...

CVE-2021-28179

The specific function in ASUS BMC’s firmware Web management page Media support configuration setting does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate t...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A buffer overflow vulnerability exists in the ASUS BMC's firmware Web management page, which stems from a specific function that does not validate the length of a user-entered string, and can be exploited by a remote attacker to terminate Web...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A buffer overflow vulnerability exists in the ASUS BMC firmware Web management page, which originates from the LDAP configuration function not validating the length of a string entered by the user, and can be exploited by a remote attacker to...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A security signature issue vulnerability exists in the ASUS BMC firmware Web management page, which originates from a buffer overflow vulnerability due to the SMTP configuration function not validating the length of a string entered by the user. A...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A buffer overflow vulnerability exists in the ASUS BMC firmware Web management page, which originates from a specific function that does not validate the length of a user-entered string, and can be exploited by a remote attacker to terminate a Web...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A buffer overflow vulnerability exists in the ASUS BMC's firmware Web management page, which stems from a specific function that does not validate the length of a user-entered string, and can be exploited by a remote attacker to terminate Web...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A security signature issue vulnerability exists in ASUS BMC's firmware Web management page, which originates from a buffer overflow vulnerability due to the SMTP configuration function not validating the length of a user-entered string. A remote...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A security signature issue vulnerability exists in the ASUS BMC firmware Web management page, which originates from a buffer overflow vulnerability due to a specific function not validating the length of a user-entered string. A remote attacker cou...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A security signature issue vulnerability exists in the ASUS BMC Firmware Web management page, which stems from a buffer overflow vulnerability due to the Service configuration-1 function not validating the length of a user-entered string. A remote...

HPE Superdome Flex serve 安全漏洞

HPE Superdome Flex Server is a modular server product from Hewlett Packard Enterprise hpe. A denial of service vulnerability exists in versions prior to HPE Superdome Flex server 3.30.142, which can be exploited by an attacker to cause connections to the BMC web interface to hang...

CVE-2021-20256

A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

PT-2021-13860 · Red Hat · Red Hat Satellite

Name of the Vulnerable Software and Affected Versions: Red Hat Satellite affected versions not specified Description: A flaw was found in Red Hat Satellite, where the BMC interface exposes the password through the API to an authenticated local attacker with view hosts permission. This poses a...

Multiple Intel Server System Product Buffer Error Vulnerabilities

Intel Server System is a server array card from Intel Corporation USA. A buffer error vulnerability exists in multiple Intel Server System products. The vulnerability originates when a network system or product performs an operation on memory without properly validating data boundaries, resulting...

多款 Intel BMC 固件输入验证错误漏洞

Intel is an American company that develops CPUs and is the world's largest manufacturer of personal computer parts and CPUs. Multiple Intel® Server elevation of privilege vulnerability can be exploited by an attacker to escalate privileges via local access...

多款 Intel BMC 固件信任管理问题漏洞

Intel is an American company that develops CPUs and is the world's largest manufacturer of personal computer parts and CPUs. Multiple Intel® Server information disclosure vulnerability can be exploited by attackers to potentially make information public via local access...

HPE Apollo 70 Path Traversal Vulnerability

The HPE Apollo 70 system is an Arm-based platform that provides the density and scalability required for large HPC cluster deployments. A path traversal vulnerability exists in the libifc.so webdeletesolvideofile function in the Baseboard Management Controller BMC firmware in HPE Apollo 70 versio...

HPE Apollo 70 Path Traversal Vulnerability (CNVD-2021-10582)

The HPE Apollo 70 system is an Arm-based platform that provides the density and scalability required for large HPC cluster deployments. A path traversal vulnerability exists in the libifc.so webdeletevideofile function in the Baseboard Management Controller BMC firmware in HPE Apollo 70 versions...

HPE Apollo 70 Buffer Overflow Vulnerability (CNVD-2021-10579)

The HPE Apollo 70 system is an Arm-based platform that provides the density and scalability required for large HPC cluster deployments. A local buffer overflow vulnerability exists in the libifc.so webifcsetadconfig function in the Baseboard Management Controller BMC firmware in HPE Apollo 70...

HPE Apollo 70 Buffer Overflow Vulnerability (CNVD-2021-10578)

The HPE Apollo 70 system is an Arm-based platform that provides the density and scalability required for large HPC cluster deployments. A local buffer overflow vulnerability exists in the libifc.so websetlicensecfg function in the Baseboard Management Controller BMC firmware in HPE Apollo 70...