Vulnerabilities > Openbmc Project > Openbmc > 2.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2021-39295 | Resource Exhaustion vulnerability in Openbmc-Project Openbmc 2.9.0 In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface. | 7.5 |
| 2021-09-09 | CVE-2021-39296 | Improper Authentication vulnerability in Openbmc-Project Openbmc 2.9.0 In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system. | 10.0 |
| 2020-06-15 | CVE-2020-14156 | Incorrect Default Permissions vulnerability in Openbmc-Project Openbmc user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions. | 8.8 |