CVSS: 9.0EPSS: 3%CPEs: 2EXPL: 1CVE-2013-3622
https://notcve.org/view.php?id=CVE-2013-3622
Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID parameter. Desbordamiento de búfer en logout.cgi de Intelligent Platform Management Interface (IPMI) con firmware anterior a la versión 3.15 (SMT_X9_315), de la generación de placas madre Supermicro X9, permite a usuarios remotos autenticados ejecutar código arbitrario a través del parámetro SID. • http://www.securityfocus.com/bid/64259 https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities https://support.citrix.com/article/CTX216642 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 3CVE-2013-3623 – Supermicro Onboard IPMI - 'close_window.cgi' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-3623
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter. Múltiples vulnerabilidades buffer overflow de pila en cgi/close_window.cgi en la interfaz web en laIntelligent Platform Management Interface (IPMI) con firmware anterior a 3.15 (SMT_X9_315) en las placas base de la generación Supermicro X9 permite a atacantes remotos ejecutar código arbitrario a través de la (1) sess_sid o (2) parámetro ACT. • https://www.exploit-db.com/exploits/29666 http://www.exploit-db.com/exploits/29666 http://www.securityfocus.com/bid/63775 http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013 https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities https://support.citrix.com/article/CTX216642 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •