CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-40289

A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.6%

CVSS Severity

CVSS v3 Score 7.2

References

https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023
https://www.supermicro.com/en/support/security_center#%21advisories
https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023
https://www.supermicro.com/en/support/security_center#%21advisories

Products affected by CVE-2023-40289

Supermicro » X11sae-F » Version: N/A

cpe:2.3:h:supermicro:x11sae-f:-
Supermicro » X11sse-F » Version: N/A

cpe:2.3:h:supermicro:x11sse-f:-
Supermicro » X11ssm-F » Version: N/A

cpe:2.3:h:supermicro:x11ssm-f:-
Supermicro » X11sae-F Firmware » Version: 1.66

cpe:2.3:o:supermicro:x11sae-f_firmware:1.66
Supermicro » X11sse-F Firmware » Version: 1.66

cpe:2.3:o:supermicro:x11sse-f_firmware:1.66
Supermicro » X11ssm-F Firmware » Version: 1.66

cpe:2.3:o:supermicro:x11ssm-f_firmware:1.66

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-40289

Products

Pricing

Contact Us