211 matches found
Security Bulletin: This Power System update is being released to address CVE-2024-41660
Summary The BMC's service location protocol SLP service is vulnerable to an attacker who has network access to the BMC causing a buffer overflow which could lead to arbitrary code execution on the BMC. Vulnerability Details CVEID:CVE-2024-41660 DESCRIPTION: OpenBMC slpd-lite is vulnerable to a...
Security Bulletin: This Power System update is being released to address CVE-2024-35124
Summary The BMC is vulnerable during the time it is connected to the network and does not yet have its "admin" account password set. Vulnerability Details CVEID:CVE-2024-35124 DESCRIPTION: During OpenBMC new installation, an attacker with network access gain administrative access even if the...
CVE-2024-41660
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...
CVE-2024-41660 slpd-lite unauthenticated memory corruption
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...
CVE-2024-41660 slpd-lite unauthenticated memory corruption
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...
CVE-2024-41660 slpd-lite unauthenticated memory corruption
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon o...
CVE-2024-41660
CVE-2024-41660 affects OpenBMC slpd-lite, a unicast SLP UDP server. The root cause is a buffer overflow due to improper bounds checking in the slpd-lite daemon, allowing a remote attacker to overflow memory by sending crafted UDP packets to port 427 on the BMC. Documented impacts include memory c...
CVE-2024-31916
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2024-31916
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2024-31916 IBM OpenBMC information disclosure
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2024-31916 IBM OpenBMC information disclosure
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2024-31916
CVE-2024-31916 (IBM OpenBMC) affects OpenBMC versions FW1050.00–FW1050.10, where the BMCWeb HTTPS server component could disclose sensitive URI content to an unauthenticated user. Root cause: improper exposure in the HTTPS server that bypasses authentication channels. Impact is limited to sensiti...
PT-2024-24280 · Ibm · Ibm Openbmc
Name of the Vulnerable Software and Affected Versions: IBM OpenBMC versions FW1050.00 through FW1050.10 Description: The BMCWeb HTTPS server component in IBM OpenBMC could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. Recommendations: For versions...
Security Bulletin: This Power System update is being released to address CVE-2024-31916
Summary This affects the BMC's HTTPS-based Redfish interface. Note the BMC's web-based ASMI interface uses the Redfish interface. Vulnerability Details CVEID:CVE-2024-31916 DESCRIPTION: IBM OpenBMC's BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that...
Security Bulletin: This Power System update is being released to address CVE-2023-45857
Summary This affects the BMC's ASMi web application. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOKEN header using the secret XSRF-TOKEN cookie value in al...
Security Bulletin: This Power System update is being released to address CVE 2020-10735
Summary BMC firmware version OP910 uses Python to help serve HTTPS requests but Python is not used to process the request body, so this access vector is not vulnerable the Python long integer vulnerability. A BMC administrator who uses Python from the BMC's command line is subject to this...
The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers lies in the insufficient protection of registration data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2023-31189
Improper authentication in some IntelR Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access...
CVE-2023-32280
Insufficiently protected credentials in some IntelR Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access...
CVE-2023-31189
Improper authentication in some IntelR Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access...