Vulnerabilities > AMI > Megarac SP X > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-05 | CVE-2023-34472 | Unspecified vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. | 6.5 |
| 2023-06-12 | CVE-2023-34344 | Information Exposure Through Discrepancy vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure. | 5.3 |
| 2023-06-12 | CVE-2023-34345 | Path Traversal vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure. | 6.5 |
| 2023-02-15 | CVE-2023-25192 | Exposure of Resource to Wrong Sphere vulnerability in AMI Megarac Sp-X 12/13 AMI MegaRAC SPX devices allow User Enumeration through Redfish. | 5.3 |