Vulnerabilities > Supermicro > X10Drw IT Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-09-21 CVE-2019-16649 Insufficiently Protected Credentials vulnerability in Supermicro products
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices.
network
low complexity
supermicro CWE-522
critical
10.0
2019-09-21 CVE-2019-16650 Unspecified vulnerability in Supermicro products
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number.
network
low complexity
supermicro
critical
10.0