Vulnerabilities > AMI > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2023-39535 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. | 7.8 |
2023-11-14 | CVE-2023-39536 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. | 7.8 |
2023-11-14 | CVE-2023-39537 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. | 7.8 |
2023-09-12 | CVE-2023-34470 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. | 7.8 |
2023-07-18 | CVE-2023-34329 | Authentication Bypass by Spoofing vulnerability in AMI Megarac Sp-X 12/13 AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. | 8.0 |
2023-07-18 | CVE-2023-34330 | Code Injection vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. | 8.8 |
2023-07-05 | CVE-2023-34337 | Inadequate Encryption Strength vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). | 8.8 |
2023-07-05 | CVE-2023-34471 | Unspecified vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). | 8.1 |
2023-07-05 | CVE-2023-34473 | Use of Hard-coded Credentials vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. | 8.8 |
2023-06-12 | CVE-2023-34334 | OS Command Injection vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering. | 8.8 |