Buffer overflow in Supermicro Intelligent_platform_management_firmware

CVE-2013-3622

Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID p…

Vulnerability class: Buffer Overflow

EPSS: 0.055 (90.4th percentile) — read the EPSS interpretation.

Affected products

Supermicro Intelligent_platform_management_firmware — versions 2.24
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

64259 (vdb-entry, x_refsource_BID)
cret@cert.org (Exploit, x_refsource_MISC)
cret@cert.org (x_refsource_CONFIRM)