Ami Megarac_spx
21 CVEs affecting Ami Megarac_spx. Latest disclosed: 2024-01-09. Critical: 2, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-37293 | Critical | 9.6 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of t… |
CVE-2023-3043 | Critical | 9.6 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploita… |
CVE-2023-37297 | High | 8.3 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this… |
CVE-2023-37296 | High | 8.3 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of th… |
CVE-2023-37295 | High | 8.3 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of t… |
CVE-2023-37294 | High | 8.3 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of… |
CVE-2023-34336 | High | 8.1 | 2023-06-12 | AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execut… |
CVE-2023-34333 | High | 7.8 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful expl… |
CVE-2023-34332 | High | 7.8 | 2024-01-09 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful explo… |
CVE-2023-34335 | High | 7.7 | 2023-06-12 | AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections… |
CVE-2023-34337 | High | 7.6 | 2023-07-05 | AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A succe… |
CVE-2023-34334 | High | 7.2 | 2023-06-12 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to cod… |
CVE-2023-34343 | High | 7.2 | 2023-06-12 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to cod… |
CVE-2023-34341 | High | 7.2 | 2023-06-12 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memor… |
CVE-2023-34338 | High | 7.1 | 2023-07-05 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit… |
CVE-2023-34473 | Medium | 6.6 | 2023-07-05 | AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead… |
CVE-2023-34345 | Medium | 6.5 | 2023-06-12 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information… |
CVE-2023-34471 | Medium | 6.3 | 2023-07-05 | AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC)… |
CVE-2023-34342 | Medium | 6.0 | 2023-06-12 | AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to… |
CVE-2023-34472 | Medium | 5.7 | 2023-07-05 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of t… |