CRITICAL🇵🇱 Wersja polska

CVE-2019-16649

CVSS 10.0v3.1pub. 2019-09-21upd. 2024-11-21

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Supermicro X11dac

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dac Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dai N

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dai N Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11ddw L

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11ddw L Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11ddw Nt

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11ddw Nt Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dgo T

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dgo T Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dgq

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dgq Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpff Sn

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpff Sn Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpfr S

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpfr S Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpfr Sn

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpfr Sn Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpg Ot Cpu

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpg Ot Cpu Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpg Qt

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpg Qt Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpg Sn

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpg Sn Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dph I

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dph I Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dph T

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dph T Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dph Tq

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dph Tq Firmware

    OS
    Supermicro
    1.71.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2019-16650CRITICAL10.0ten sam produkt

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that...

CVE-2022-43309MEDIUM5.5ten sam produkt

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

CVE-2023-35861CRITICAL9.8ten sam vendor

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03....

CVE-2019-13131CRITICAL9.8ten sam vendor

Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to exec...

CVE-2023-40284HIGH8.3ten sam vendor

An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit...