Vulnerabilities > CVE-2022-40258 - Use of Password Hash With Insufficient Computational Effort vulnerability in AMI Megarac Spx-12 and Megarac Spx-13
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
AMI Megarac Weak password hashes for Redfish & API
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Common Weakness Enumeration (CWE)
References
- https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf
- https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023001.pdf
- https://security.netapp.com/advisory/ntap-20230731-0008/
- https://security.netapp.com/advisory/ntap-20230731-0008/