Vulnerabilities > Supermicro > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-07 CVE-2022-43309 Incorrect Permission Assignment for Critical Resource vulnerability in Supermicro products
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.
local
low complexity
supermicro CWE-732
5.5
2020-01-23 CVE-2013-6785 Path Traversal vulnerability in Supermicro Intelligent Platform Management Interface
Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter.
network
low complexity
supermicro CWE-22
4.3
2018-07-09 CVE-2018-13787 Unspecified vulnerability in Supermicro products
Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.
local
low complexity
supermicro
6.7