Vulnerabilities > AMI > Megarac SP X > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-34332 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network.
local
low complexity
ami CWE-119
7.8
2024-01-09 CVE-2023-34333 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network.
local
low complexity
ami CWE-119
7.8
2024-01-09 CVE-2023-37293 Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network.
low complexity
ami CWE-787
8.8
2024-01-09 CVE-2023-37294 Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network.
low complexity
ami CWE-787
8.8
2024-01-09 CVE-2023-37295 Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network.
low complexity
ami CWE-787
8.8
2024-01-09 CVE-2023-37296 Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network.
low complexity
ami CWE-787
8.8
2024-01-09 CVE-2023-37297 Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network.
low complexity
ami CWE-787
8.8
2024-01-09 CVE-2023-3043 Out-of-bounds Write vulnerability in AMI Megarac Sp-X 12/13
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network.
low complexity
ami CWE-787
8.8
2023-07-18 CVE-2023-34329 Authentication Bypass by Spoofing vulnerability in AMI Megarac Sp-X 12/13
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header.
low complexity
ami CWE-290
8.0
2023-07-18 CVE-2023-34330 Code Injection vulnerability in AMI Megarac Sp-X 12/13
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface.
network
low complexity
ami CWE-94
8.8