CVE-2023-34341

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure, or data tampering.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*
cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:07

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 7.2
References () https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - Vendor Advisory () https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - Vendor Advisory

20 Jun 2023, 15:32

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
First Time Ami
Ami megarac Sp-x
References (MISC) https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - (MISC) https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - Vendor Advisory
CWE CWE-119
CPE cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*

12 Jun 2023, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-12 17:15

Updated : 2024-11-21 08:07


NVD link : CVE-2023-34341

Mitre link : CVE-2023-34341

CVE.ORG link : CVE-2023-34341


JSON object : View

Products Affected

ami

  • megarac_sp-x
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer