Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Megarac_sp\-X
(Ami)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 29 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-07-18 | CVE-2023-34329 | AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability. | Megarac_sp\-X | 8.0 | ||
| 2023-07-18 | CVE-2023-34330 | AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | Megarac_sp\-X | 8.8 | ||
| 2023-01-30 | CVE-2022-26872 | AMI Megarac Password reset interception via API | Megarac_sp\-X | 8.8 | ||
| 2023-07-05 | CVE-2023-34337 | AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | Megarac_sp\-X | 8.8 | ||
| 2023-07-05 | CVE-2023-34338 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | Megarac_sp\-X | 9.8 | ||
| 2023-07-05 | CVE-2023-34471 | AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication. | Megarac_sp\-X | 8.1 | ||
| 2023-07-05 | CVE-2023-34472 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity. | Megarac_sp\-X | 6.5 | ||
| 2023-07-05 | CVE-2023-34473 | AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | Megarac_sp\-X | 8.8 | ||
| 2022-12-05 | CVE-2022-40242 | MegaRAC Default Credentials Vulnerability | Megarac_sp\-X | 9.8 | ||
| 2022-12-05 | CVE-2022-40259 | MegaRAC Default Credentials Vulnerability | Megarac_sp\-X | 9.8 |