HIGH🇬🇧 English

CVE-2023-33411

CVSS 7.5v3.1pub. 2023-12-07upd. 2026-07-05

A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Supermicro B13dee

    HW
    Supermicro
    wszystkie wersje
  • Supermicro B13dee Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro B13det

    HW
    Supermicro
    wszystkie wersje
  • Supermicro B13det Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro B13see Cpu 25g

    HW
    Supermicro
    wszystkie wersje
  • Supermicro B13see Cpu 25g Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro B13seg

    HW
    Supermicro
    wszystkie wersje
  • Supermicro B13seg Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Pg

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Pg300

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Pg300f

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Pg300f Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Pg300 Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Pgf

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Pgf Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Pg Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Pgf L

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Pgf L Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Rpgf

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Rpgf Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro C9x299 Rpgf L

    HW
    Supermicro
    wszystkie wersje
  • Supermicro C9x299 Rpgf L Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro H13dsg O Cpu

    HW
    Supermicro
    wszystkie wersje
  • Supermicro H13dsg O Cpu D

    HW
    Supermicro
    wszystkie wersje
  • Supermicro H13dsg O Cpu D Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro H13dsg O Cpu Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro H13dsg Om

    HW
    Supermicro
    wszystkie wersje
  • Supermicro H13dsg Om Firmware

    OS
    Supermicro
    ≤ 3.17.02
  • Supermicro H13dsh

    HW
    Supermicro
    wszystkie wersje
  • Supermicro H13dsh Firmware

    OS
    Supermicro
    ≤ 3.17.02
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2023-35861CRITICAL9.8ten sam produkt

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03....

CVE-2023-33412HIGH8.8ten sam produkt

The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC...

CVE-2023-33413HIGH8.8ten sam produkt

The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management c...

CVE-2019-16649CRITICAL10.0ten sam vendor

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problem...

CVE-2019-16650CRITICAL10.0ten sam vendor

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that...