Vulnerabilities > Supermicro > X10Drh IT Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-15046 | Cross-Site Request Forgery (CSRF) vulnerability in Supermicro X10Drh-It Bios and X10Drh-It Firmware The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. | 8.8 |
| 2019-09-21 | CVE-2019-16650 | Unspecified vulnerability in Supermicro products On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. | 7.5 |
| 2019-09-21 | CVE-2019-16649 | Improper Authentication vulnerability in Supermicro products On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. | 5.0 |