CVE-2023-34341

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure, or data tampering.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*
cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*

History

20 Jun 2023, 15:32

Type Values Removed Values Added
CPE cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
First Time Ami
Ami megarac Sp-x
CWE CWE-119
References (MISC) https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - (MISC) https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - Vendor Advisory

12 Jun 2023, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-12 17:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-34341

Mitre link : CVE-2023-34341

CVE.ORG link : CVE-2023-34341


JSON object : View

Products Affected

ami

  • megarac_sp-x
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer