CVE-2023-3043 — CVSS 9.6 (critical): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A…
CVE-2023-37293 — CVSS 9.6 (critical): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A…
CVE-2023-34329 — CVSS 9.1 (critical): AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful…
CVE-2023-37294 — CVSS 8.3 (high): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful…
CVE-2023-37295 — CVSS 8.3 (high): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful…
CVE-2023-37296 — CVSS 8.3 (high): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful…
CVE-2023-37297 — CVSS 8.3 (high): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful…
CVE-2023-34330 — CVSS 8.2 (high): AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface…
CVE-2023-34336 — CVSS 8.1 (high): AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may…
CVE-2023-34333 — CVSS 7.8 (high): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A…
CVE-2023-34332 — CVSS 7.8 (high): AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A…
CVE-2023-34337 — CVSS 7.6 (high): AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication…
CVE-2023-25191 — CVSS 7.5 (high): AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00.
CVE-2023-34343 — CVSS 7.2 (high): AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands…
CVE-2023-34341 — CVSS 7.2 (high): AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary…
CVE-2023-34334 — CVSS 7.2 (high): AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands…
CVE-2023-34338 — CVSS 7.1 (high): AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate…
CVE-2023-34473 — CVSS 6.6 (medium): AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this…
CVE-2023-34345 — CVSS 6.5 (medium): AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may…
CVE-2023-34471 — CVSS 6.3 (medium): AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message…
CVE-2023-34342 — CVSS 6.0 (medium): AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain…
CVE-2023-34472 — CVSS 5.7 (medium): AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A…
CVE-2023-25192 — CVSS 5.3 (medium): AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.
CVE-2023-34344 — CVSS 5.3 (medium): AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username…