Lucene search

AMICVE-2023-34333

HistoryJan 09, 2024 - 11:15 p.m.

CVE-2023-34333

2024-01-0923:15:08

CWE-119

CWE-822

AMI

web.nvd.nist.gov

ami

spx

bmc

vulnerability

loss of confidentiality

loss of integrity

loss of availability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

9.0%

JSON

AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause an
untrusted pointer to dereference via a local network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.

Affected configurations

Nvd

Node

amimegarac_sp-xRange12–12.7

amimegarac_sp-xRange13–13.6

VendorProductVersionCPE
amimegarac_sp-x*cpe:2.3:o:ami:megarac_sp-x:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ami	megarac_sp-x	*	cpe:2.3:o:ami:megarac_sp-x::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "MegaRAC_SPx",
    "vendor": "AMI",
    "versions": [
      {
        "lessThanOrEqual": "12.7",
        "status": "affected",
        "version": "12",
        "versionType": "RC"
      },
      {
        "lessThan": "13.6",
        "status": "affected",
        "version": "13",
        "versionType": "RC"
      }
    ]
  }
]

References

9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023010.pdf

Social References

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-34333