Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices relies on JavaScript code on the client for authorization checks, which allows remote authenticated users to bypass intended access restrictions via a crafted request, related to the PrivilegeCallBack function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Supermicro IPMI Web接口远程提权漏洞
Vulnerability Description
Supermicro Intelligent Platform Management Interface(IPMI)是美国超微(Supermicro)公司的一个IPMI卡(智能平台管理接口),它可对系统进行远程控制,如远程开机、进入BIOS等。 Supermicro IPMI实现中的Web接口中存在安全漏洞,Web接口依赖客户端权限验证。远程攻击者可借助特制的请求利用该漏洞绕过既定的访问限制。以下设备中存在漏洞:H8DC*,H8DG*,H8SCM-F,H8SGL-F,H8SM*,X7SP*,X8DT*,X
CVSS Information
N/A
Vulnerability Type
N/A