The vulnerabilities of Redfish components and the API of microprogramming software for AMI MegaRAC controllers allow a perpetrator to gain unauthorized access to protected information.

The vulnerability of Redfish components and the API of microprogramming software for AMI MegaRAC controllers is related to insufficient calculation of password hashes. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...