5 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-3287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction,...
PT-2023-24818 · Ami · Ami Spx
Name of the Vulnerable Software and Affected Versions: AMI SPx affected versions not specified Description: The issue is related to a vulnerability in the BMC of AMI SPx, where a user may inject code that could be executed via a Dynamic Redfish Extension interface. This could lead to a loss of...
CVE-2022-3287
When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...
AMI MegaRAC SP-X BMC Redfish Authentication Bypass - Lenovo Support US
No description provided...
AMI MegaRAC SP-X BMC Redfish Authentication Bypass - Lenovo Support US
Lenovo Security Advisory: LEN-31072 Potential Impact: Privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: No CVE Summary Description: AMI has released AMI MegaRAC SP-X Baseboard Management Controller BMC security enhancements to address...