CVE-2023-34332
EUVD-2023-3841309.01.2024, 23:15
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ami | megarac_sp-x | 12 ≤ 𝑥 < 12.7 |
| ami | megarac_sp-x | 13 ≤ 𝑥 < 13.6 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| ami | megarac_spx | 12 ≤ 𝑥 ≤ 12.7 | CNA |
| ami | megarac_spx | 13 ≤ 𝑥 < 13.6 | CNA |
Common Weakness Enumeration
- CWE-822 - Untrusted Pointer DereferenceThe program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.