CRITICAL🇬🇧 English

CVE-2019-16650

CVSS 10.0v3.1pub. 2019-09-21upd. 2024-11-21

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the server managed by the BMC.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Supermicro X11dac

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dac Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dai N

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dai N Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11ddw L

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11ddw L Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11ddw Nt

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11ddw Nt Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dgo T

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dgo T Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dgq

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dgq Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpff Sn

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpff Sn Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpfr S

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpfr S Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpfr Sn

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpfr Sn Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpg Ot Cpu

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpg Ot Cpu Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpg Qt

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpg Qt Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dpg Sn

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dpg Sn Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dph I

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dph I Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dph T

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dph T Firmware

    OS
    Supermicro
    1.71.5
  • Supermicro X11dph Tq

    HW
    Supermicro
    wszystkie wersje
  • Supermicro X11dph Tq Firmware

    OS
    Supermicro
    1.71.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-16649CRITICAL10.0ten sam produkt

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problem...

CVE-2022-43309MEDIUM5.5ten sam produkt

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

CVE-2023-35861CRITICAL9.8ten sam vendor

A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03....

CVE-2019-13131CRITICAL9.8ten sam vendor

Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to exec...

CVE-2023-40284HIGH8.3ten sam vendor

An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit...