Vulnerabilities > AMI > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-12 | CVE-2023-34469 | Unspecified vulnerability in AMI Aptio V AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. low complexity ami | 4.6 |
| 2023-07-05 | CVE-2023-34472 | Unspecified vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. | 6.5 |
| 2023-06-12 | CVE-2023-34344 | Information Exposure Through Discrepancy vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure. | 5.3 |
| 2023-06-12 | CVE-2023-34345 | Path Traversal vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure. | 6.5 |
| 2023-02-15 | CVE-2023-25192 | Exposure of Resource to Wrong Sphere vulnerability in AMI Megarac Sp-X 12/13 AMI MegaRAC SPX devices allow User Enumeration through Redfish. | 5.3 |
| 2023-01-31 | CVE-2022-40258 | Use of Password Hash With Insufficient Computational Effort vulnerability in AMI Megarac Spx-12 and Megarac Spx-13 AMI Megarac Weak password hashes for Redfish & API | 5.3 |