2 matches found
Security Bulletin: This Power System update is being released to address CVE-2019-16649 and CVE-2019-16650
Summary POWER8 and POWER9: In response to security issues with virtual media, new Power System firmware updates are being released to address Common Vulnerabilities and Exposures issue numbers CVE-2019-16649 and CVE-2019-16650. Vulnerability Details CVEID:CVE-2019-16649 DESCRIPTION: Multiple...
CVE-2019-16650
CVE-2019-16650 affects Supermicro X10/X11 BMCs. The vulnerability stems from improper authentication in the virtual media service, allowing an attacker to transfer a client’s access privileges to another client that shares the same socket file descriptor. In practice, a remote attacker could conn...