CVE-2024-3411

Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device...

CVE-2024-3411

CVE-2024-3411 describes insufficient randomness in IPMI Authenticated sessions, allowing an attacker on the BMC network to predict IPMI session IDs or BMC random values and hijack or replay sessions to issue arbitrary IPMI commands. Details across connected sources confirm this is a cross-vendor ...

CVE-2024-3411 Insufficient Randomness When Validating an IPMI Authenticated Session

Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device...

CVE-2024-3411 Insufficient Randomness When Validating an IPMI Authenticated Session

Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device...

Oracle: Security Advisory (ELSA-2008-0885)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...