Vulnerabilities > Supermicro > Intelligent Platform Management Firmware

DATE CVE VULNERABILITY TITLE RISK
2013-12-10 CVE-2013-3623 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Supermicro Intelligent Platform Management Firmware 2.24/2.26
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.
network
low complexity
supermicro CWE-119
critical
 10.0
10
2013-12-10 CVE-2013-3622 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Supermicro Intelligent Platform Management Firmware 2.24/2.26
Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID parameter.
network
low complexity
supermicro CWE-119
critical
 9.0
9.0