AMI BMC contains a vulnerability in the IPMI handler, where an
attacker can upload and download arbitrary files under certain circumstances,
which may lead to denial of service, escalation of privileges, information
disclosure, or data tampering.
References
Link | Resource |
---|---|
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Jun 2023, 16:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
20 Jun 2023, 13:46
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 | |
First Time |
Ami
Ami megarac Sp-x |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
CPE | cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:* | |
References | (MISC) https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf - Vendor Advisory |
12 Jun 2023, 18:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-12 18:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-34342
Mitre link : CVE-2023-34342
CVE.ORG link : CVE-2023-34342
JSON object : View
Products Affected
ami
- megarac_sp-x
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')