CVE-2023-34334

AMI BMC contains a vulnerability in the SPX REST API, where anattacker with the required privileges can inject arbitrary shell commands,which may lead to code execution, denial of service, information disclosure, ordata tampering.

CVE-2023-34343

AMI BMC contains a vulnerability in the SPX REST API, where anattacker with the required privileges can inject arbitrary shell commands,which may lead to code execution, denial of service, information disclosure, ordata tampering.

CVE-2023-34341

AMI BMC contains a vulnerability in the SPX REST API, where anattacker with the required privileges can read and write to arbitrary locationswithin the memory context of the IPMI server process, which may lead to codeexecution, denial of service, information disclosure, or data tampering.

CVE-2023-34344

AMI BMC contains a vulnerability in the IPMIhandler, where an unauthorized attacker can use certain oracles to guess avalid username, which may lead to information disclosure.

CVE-2023-34342

AMI BMC contains a vulnerability in the IPMI handler, where anattacker can upload and download arbitrary files under certain circumstances,which may lead to denial of service, escalation of privileges, informationdisclosure, or data tampering.

CVE-2023-34345

AMI BMC contains a vulnerability in the SPX REST API, where anattacker with the required privileges can access arbitrary files, which maylead to information disclosure.

CVE-2023-34336

AMI BMC contains a vulnerability in the IPMI handler, where anattacker with the required privileges can cause a buffer overflow, which maylead to code execution, denial of service, or escalation of privileges.