What is CVE-2023-34334?

CVE-2023-34334 is a high-severity vulnerability in Ami Megarac_spx, classified under OS Command Injection. CVSS score: 7.2/10. Published 2023-06-12.

How severe is CVE-2023-34334?

High severity. CVSS v3 base score is 7.2 out of 10.

RCE in Ami Megarac_spx

CVE-2023-34334

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering. …

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.004 (58.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Ami Megarac_spx — versions 12.0, 13.0

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security Advisories/AMI-SA…

Frequently asked questions

What is CVE-2023-34334?: CVE-2023-34334 is a high-severity vulnerability in Ami Megarac_spx, classified under OS Command Injection. CVSS score: 7.2/10. Published 2023-06-12.
How severe is CVE-2023-34334?: High severity. CVSS v3 base score is 7.2 out of 10.