Show filters
14 Total Results
Displaying 1-10 of 14
Sort by:
Attacker Value
Unknown

CVE-2023-34330

Disclosure Date: July 18, 2023 (last updated February 25, 2025)
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34329

Disclosure Date: July 18, 2023 (last updated February 25, 2025)
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability.
Attack Vector: Adjacent NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34473

Disclosure Date: July 05, 2023 (last updated February 25, 2025)
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34472

Disclosure Date: July 05, 2023 (last updated February 25, 2025)
AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34471

Disclosure Date: July 05, 2023 (last updated February 25, 2025)
AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34338

Disclosure Date: July 05, 2023 (last updated February 25, 2025)
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. 
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34337

Disclosure Date: July 05, 2023 (last updated February 25, 2025)
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-28863

Disclosure Date: April 18, 2023 (last updated February 24, 2025)
AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-25192

Disclosure Date: February 15, 2023 (last updated February 24, 2025)
AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-25191

Disclosure Date: February 15, 2023 (last updated February 24, 2025)
AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >