Vulnerabilities > Supermicro > X10Sra Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-09-21 CVE-2019-16650 Unspecified vulnerability in Supermicro products
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number.
network
low complexity
supermicro
critical
10.0
2019-09-21 CVE-2019-16649 Insufficiently Protected Credentials vulnerability in Supermicro products
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices.
network
low complexity
supermicro CWE-522
critical
10.0
2018-07-09 CVE-2018-13787 Unspecified vulnerability in Supermicro products
Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.
local
low complexity
supermicro
6.7