NotCVE - vendor:"Ami" product:"Megarac Sp-x"

Page 3 of 29 results (0.002 seconds)

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-34345

https://notcve.org/view.php?id=CVE-2023-34345

12 Jun 2023 — AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure. AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-34344 – A vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username

https://notcve.org/view.php?id=CVE-2023-34344

12 Jun 2023 — AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure. AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf • CWE-203: Observable Discrepancy •

CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-28863

https://notcve.org/view.php?id=CVE-2023-28863

18 Apr 2023 — AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023003.pdf • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-25192

https://notcve.org/view.php?id=CVE-2023-25192

15 Feb 2023 — AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023002.pdf • CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-25191

https://notcve.org/view.php?id=CVE-2023-25191

15 Feb 2023 — AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023002.pdf • CWE-522: Insufficiently Protected Credentials •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-26872 – Password reset interception via API

https://notcve.org/view.php?id=CVE-2022-26872

30 Jan 2023 — AMI Megarac Password reset interception via API • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-2827 – AMI MegaRAC User Enumeration Vulnerability

https://notcve.org/view.php?id=CVE-2022-2827

05 Dec 2022 — AMI MegaRAC User Enumeration Vulnerability Vulnerabilidad de enumeración de usuarios de AMI MegaRAC • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-40259 – MegaRAC Default Credentials Vulnerability

https://notcve.org/view.php?id=CVE-2022-40259

05 Dec 2022 — MegaRAC Default Credentials Vulnerability Vulnerabilidad de credenciales predeterminadas de MegaRAC • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf • CWE-287: Improper Authentication CWE-798: Use of Hard-coded Credentials •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-40242 – MegaRAC Default Credentials Vulnerability

https://notcve.org/view.php?id=CVE-2022-40242

1 2 3