Vulnerabilities > CVE-2023-25192 - Exposure of Resource to Wrong Sphere vulnerability in AMI Megarac Sp-X 12/13

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ami
CWE-668
NVD
Published: 2023-02-15
Updated: 2023-02-24

Summary

AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.

Vulnerable Configurations

Part Description Count
OS
Ami
2

Common Weakness Enumeration (CWE)

References