Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary commands via NRPE.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSupermicro Superdoctor 5
APPSupermicrowszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2023-35861CRITICAL9.8ten sam vendor
A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03....
CVE-2019-16650CRITICAL10.0ten sam vendor
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that...
CVE-2019-16649CRITICAL10.0ten sam vendor
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problem...
CVE-2023-40284HIGH8.3ten sam vendor
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit...
CVE-2023-40286HIGH8.3ten sam vendor
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit...