CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
71.8%
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.
Vendor | Product | Version | CPE |
---|---|---|---|
asus | asmb9-ikvm_firmware | 1.11.12 | cpe:2.3:o:asus:asmb9-ikvm_firmware:1.11.12:*:*:*:*:*:*:* |
asus | asmb9-ikvm | - | cpe:2.3:h:asus:asmb9-ikvm:-:*:*:*:*:*:*:* |
asus | rs720a-e9-rs24-e_firmware | 1.10.3 | cpe:2.3:o:asus:rs720a-e9-rs24-e_firmware:1.10.3:*:*:*:*:*:*:* |
asus | rs720a-e9-rs24-e | - | cpe:2.3:h:asus:rs720a-e9-rs24-e:-:*:*:*:*:*:*:* |
asus | rs700a-e9-rs4_firmware | 1.10.0 | cpe:2.3:o:asus:rs700a-e9-rs4_firmware:1.10.0:*:*:*:*:*:*:* |
asus | rs700a-e9-rs4 | - | cpe:2.3:h:asus:rs700a-e9-rs4:-:*:*:*:*:*:*:* |
asus | rs700-e9-rs4_firmware | 1.09 | cpe:2.3:o:asus:rs700-e9-rs4_firmware:1.09:*:*:*:*:*:*:* |
asus | rs700-e9-rs4 | - | cpe:2.3:h:asus:rs700-e9-rs4:-:*:*:*:*:*:*:* |
asus | esc4000_g4x_firmware | 1.11.6 | cpe:2.3:o:asus:esc4000_g4x_firmware:1.11.6:*:*:*:*:*:*:* |
asus | esc4000_g4x | - | cpe:2.3:h:asus:esc4000_g4x:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
71.8%