CVE-2023-34341

AMI BMC contains a vulnerability in the SPX REST API, where an
attacker with the required privileges can read and write to arbitrary locations
within the memory context of the IPMI server process, which may lead to code
execution, denial of service, information disclosure, or data tampering.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
AMICNA
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Affected Products (NVD)
VendorProductVersion
amimegarac_sp-x
12.0 ≤
𝑥
< 12.7
amimegarac_sp-x
13.0 ≤
𝑥
< 13.5
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
amimegarac_spx
12.0 ≤
𝑥
< 12.7
CNA
amimegarac_spx
13.0 ≤
𝑥
< 13.5
CNA
Common Weakness Enumeration
References
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf