Openbmc-Project: >> Openbmc >> 2.9.0 Security Vulnerabilities
In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-15
In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.
CVSS Score
10.0
EPSS Score
0.001
Published
2021-09-09
user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions.
CVSS Score
8.8
EPSS Score
0.003
Published
2020-06-15