Vulnerability Details CVE-2013-3622
Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.055
EPSS Ranking 89.7%
CVSS Severity
CVSS v2 Score 9.0
References
- http://www.securityfocus.com/bid/64259
- https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities
- https://support.citrix.com/article/CTX216642
- http://www.securityfocus.com/bid/64259
- https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities
- https://support.citrix.com/article/CTX216642
Products affected by CVE-2013-3622
-
cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24
-
cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.26