7 matches found
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API...
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller BMC software, nearly two months after three security vulnerabilities were brought to light in the same product. Firmware security firm Eclypsium said the two shortcomings were held back until n...
CVE-2022-40258
creationtimestamp| type| source ---|---|--- 2023-01-31 07:37:46+00:00| seen| https://t.me/cibsecurity/57200 2023-02-01 13:41:32+00:00| seen| https://t.me/truesecator/4011 2023-07-21 15:30:05+00:00| seen| https://t.me/truesecator/4644 2025-03-19 10:01:34+00:00| seen| https://t.me/itsecnews/5534...
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API...
CVE-2022-40258 Weak password hashes for Redfish & API
AMI Megarac Weak password hashes for Redfish & API...
CVE-2022-40258 Weak password hashes for Redfish & API
AMI Megarac Weak password hashes for Redfish & API...
CVE-2022-40258
CVE-2022-40258 affects AMI MegaRAC BMC software, describing weak password hashes for Redfish and API. Technical details from connected sources show that older MegaRAC devices use MD5 with a global salt, while newer devices use SHA-512 with per-user salts, enabling potential password cracking. Rel...