Vulnerability Details CVE-2020-5633
Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen), Express5800/T110j-S (2nd-Gen), iStorage NS100Ti, and Express5800/GT110j) where Baseboard Management Controller (BMC) firmware Rev1.09 and earlier is applied allows remote attackers to bypass authentication and then obtain/modify BMC setting information, obtain monitoring information, or reboot/shut down the vulnerable product via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 9.0
References
- https://jpn.nec.com/security-info/secinfo/nv21-002.html
- https://jvn.jp/en/jp/JVN38752718/index.html
- https://www.support.nec.co.jp/View.aspx?id=9010108754
- https://jpn.nec.com/security-info/secinfo/nv21-002.html
- https://jvn.jp/en/jp/JVN38752718/index.html
- https://www.support.nec.co.jp/View.aspx?id=9010108754
Products affected by CVE-2020-5633
-
cpe:2.3:h:nec:express5800/gt110j:-
-
cpe:2.3:h:nec:express5800/t110j-s:-
-
cpe:2.3:h:nec:express5800/t110j-s_(2nd-gen):-
-
cpe:2.3:h:nec:express5800/t110j:-
-
cpe:2.3:h:nec:express5800/t110j_(2nd-gen):-
-
cpe:2.3:h:nec:istorage_ns100ti:-
-
cpe:2.3:o:nec:baseboard_management_controller:-
-
cpe:2.3:o:nec:baseboard_management_controller:1.07
-
cpe:2.3:o:nec:baseboard_management_controller:1.09