History: Apr 30, 2024 - 7:15 p.m.

CVE-2024-3411

2024-04-30 19:15:23
certcc
web.nvd.nist.gov
ipmi
authenticated sessions
hijacking
security controls
spoofed packets
bmc device
cve-2024-3411

CVSS3: 9.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score: 6.9
Confidence: Low

EPSS: 0
Percentile: 15.5%

Implementations of IPMI authenticated sessions do not provide enough randomness to protect against session hijacking, allowing an attacker to use either a predictable IPMI Session ID or a weak BMC Random Number to bypass security controls, using spoofed IPMI packets to manage the BMC device.

CNA Affected

[
  {
    "vendor": "Dell",
    "product": "iDRAC8",
    "versions": [
      {
        "status": "affected",
        "version": "2.86.86.86"
      }
    ]
  },
  {
    "vendor": "Intel",
    "product": "IPMI",
    "versions": [
      {
        "status": "affected",
        "version": "2.0, revision 1.1E7"
      }
    ]
  }
]
