26 matches found
CVE-2023-40285
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue...
Exploit for Improper Privilege Management in Supermicro X11Ssm-F_Firmware
CVE-2023-40289 ============== This is an exploit for CVE-2023-...
CVE-2023-40289
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges...
Supermicro X11 安全漏洞
The Supermicro X11 is a server motherboard from American Supermicro Computer Supermicro. A security vulnerability exists in Supermicro X11SSM-F, X11SAE-F, X11SSE-F version 1.66. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
Supermicro X11 安全漏洞
The Supermicro X11 is a server motherboard from American Supermicro Computer Supermicro. A security vulnerability exists in Supermicro X11SSM-F, X11SAE-F, X11SSE-F version 1.66. An attacker could exploit this vulnerability to elevate the privileges of a user with BMC administrative privileges...
CVE-2023-33412
The web interface in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targetin...
CVE-2023-33413
The configuration functionality in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands...
CVE-2023-33411
A web server in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive...
Directory traversal
A web server in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive...
Supermicro X11 Security Vulnerability
Supermicro X11 is a server motherboard from Supermicro Computer USA. A security vulnerability exists in the Supermicro X11 that originates from allowing an authenticated remote user to execute arbitrary commands via a crafted request...
Supermicro X11 Security Vulnerability
Supermicro X11 is a server motherboard from Supermicro Computer USA. A security vulnerability exists in the Supermicro X11 that originates from allowing an authenticated remote user to execute arbitrary commands...
CVE-2023-33411
A web server in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive...
PT-2023-24338 · Supermicro · Supermicro X11
Name of the Vulnerable Software and Affected Versions: Supermicro X11 and M11 based devices versions through 3.17.02 Description: The configuration functionality in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation allows remote authenticated...
PT-2023-8803 · Supermicro · Supermicro X11
Name of the Vulnerable Software and Affected Versions: Supermicro X11 and M11 based devices versions prior to 3.17.02 Description: The web interface in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation allows remote authenticated users to execut...
CVE-2023-33413
The configuration functionality in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands...
Supermicro X11 Security Vulnerability
Supermicro X11 is a server motherboard from Supermicro Computer USA. A security vulnerability exists in the Supermicro X11 that originates from allowing an unauthenticated remote user to perform directory traversal, which could potentially disclose sensitive information...
CVE-2023-33413
The PT-Security entry for CVE-2023-33413 details a flaw in Supermicro IPMI BMC on X11/M11 devices up to firmware 3.17.02. The root cause is hardcoded configuration file encryption keys used by the IPMI BMC config function, enabling remote authenticated users to craft/upload a malicious configurat...
The vulnerability in the web interface of BMC IPMI Supermicro X11 servers relates to the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the web interface of BMC IPMI Supermicro X11 series servers exists due to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the web interface of Supermicro X11 series BMC IPMI servers relates to the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the web interface of BMC IPMI Supermicro X11 series servers exists due to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability in the web interface of BMC IPMI Supermicro X11 servers exists due to the lack of protective measures for the web page structure. This allows attackers to execute XSS attacks.
The vulnerability in the web interface of BMC IPMI Supermicro X11 series servers exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using specially crafted GET requests...