Skip to main content

X11Dai N Firmware CVE-2019-16649

CRITICAL
Improper Authentication (CWE-287)
2019-09-21 cve@mitre.org
Authentication Bypass X11Dai N Firmware X11Dac Firmware X11Dph Tq Firmware X11Dph I Firmware X11Dph T Firmware X11Dps Re Firmware X11Dsf E Firmware X11Dsn Ts Firmware X11Dsn Tsq Firmware X11Dsc Firmware X11Ddw Nt Firmware X11Ddw L Firmware X11Dgq Firmware X11Dpff Sn Firmware X11Dpfr Sn Firmware X11Dpfr S Firmware X11Dpt Ps Firmware X11Dpt B Firmware X11Dpt Bh Firmware X11Dpt L Firmware X11Dpu Firmware X11Dpu V Firmware X11Dpu X Firmware X11Dpu Xll Firmware X11Dpu Z Firmware X11Dpu Ze Firmware X11Dpg Sn Firmware X11Dpg Qt Firmware X11Dpg Ot Cpu Firmware X11Dpi Nt Firmware X11Dpi N Firmware X11Dpl I Firmware X11Dpx T Firmware X11Dgo T Firmware X11Sca Firmware X11Sca F Firmware X11Sch F Firmware X11Sch Ln4F Firmware X11Sca W Firmware X11Scl F Firmware X11Scl Ln4F Firmware X11Scl If Firmware X11Scm F Firmware X11Scm Ln8F Firmware X11Scw F Firmware X11Spa T Firmware X11Spa Tf Firmware X11Spi Tf Firmware X11Spl F Firmware X11Spm F Firmware X11Spm Tf Firmware X11Spm Tpf Firmware X11Sph Nctf Firmware X11Sph Nctpf Firmware X11Spw Tf Firmware X11Spw Ctf Firmware X11Spg Tf Firmware X11Sri If Firmware X11Srl F Firmware X11Srm F Firmware X11Srm Vf Firmware X11Ssl F Firmware X11Ssm F Firmware X11Ssl Firmware X11Ssm Firmware X11Ssh F Firmware X11Ssh Ln4F Firmware X11Ssw 4Tf Firmware X11Ssw Tf Firmware X11Ssw F Firmware X11Ssi Ln4F Firmware X11Ssh Tf Firmware X11Ssh Ctf Firmware X11Ssl Cf Firmware X11Ssl Nf Firmware X11Ssh Gf 1585 Firmware X11Ssh Gf 1585L Firmware X11Ssh Gtf 1585 Firmware X11Ssh Gtf 1585L Firmware B11Dpt Firmware B11Dpe Firmware B11Spe Cpu Tf Firmware B11Spe Cpu 25G Firmware B11Qpi Firmware X11Ssd F Firmware X11Sse F Firmware B2Ss1 Cpu Firmware B2Ss1 Cf Firmware B2Ss1 F Firmware B2Ss2 F Firmware B2Ss1 Mtf Firmware B2Ss1 H Mtf Firmware B2Ss2 Mtf Firmware B2Ss2 H Mtf Firmware X11Scd F Firmware X11Sdd 8C F Firmware X11Sdd 18C F Firmware X11Qph Firmware X11Opi Cpu Firmware X11Sds 8C Firmware X11Sds 12C Firmware X11Sds 16C Firmware X10Ddw I Firmware X10Ddw In Firmware X10Drs Firmware X10Drd I Firmware X10Drd It Firmware X10Drd Int Firmware X10Drd Intp Firmware X10Drd Itp Firmware X10Drd L Firmware X10Drd Lt Firmware X10Drd Ltp Firmware X10Drx Firmware X10Drh C Firmware X10Drh Ct Firmware X10Drh Cln4 Firmware X10Drh I Firmware X10Drh It Firmware X10Drh Iln4 Firmware X10Dri Firmware X10Dri T Firmware X10Drc Ln4 Firmware X10Drc T4 Firmware X10Dri Ln4 Firmware X10Dri T4 Firmware X10Drl Ln4 Firmware X10Drl I Firmware X10Drl It Firmware X10Drl C Firmware X10Drl Ct Firmware X10Drt L Firmware X10Drt Libq Firmware X10Drt Libf Firmware X10Drt B Firmware X10Drt H Firmware X10Drt Hibf Firmware X10Drt Ps Firmware X10Drt P Firmware X10Drt Pt Firmware X10Drt Pibq Firmware X10Drt Pibf Firmware X10Drfr N Firmware X10Drfr Nt Firmware X10Drfr Firmware X10Drfr T Firmware X10Drff Cg Firmware X10Drff Ctg Firmware X10Drff Ig Firmware X10Drff Itg Firmware X10Drff Firmware X10Drff C Firmware X10Drw N Firmware X10Drw Nt Firmware X10Drw E Firmware X10Drw Et Firmware X10Drw I Firmware X10Drw It Firmware X10Dsn Ts Firmware X10Drg Ot Cpu Firmware X10Drg O Cpu Firmware X10Dgo T Firmware X10Dgq Firmware X10Drg Q Firmware X10Drg H Firmware X10Drg Ht Firmware X10Dru I Firmware X10Dru X Firmware X10Dru Xll Firmware X10Dsc Firmware X10Sra F Firmware X10Sra Firmware X10Srd F Firmware X10Srm F Firmware X10Srm Tf Firmware X10Srl F Firmware X10Sri F Firmware X10Srh Cf Firmware X10Srh Cln4F Firmware X10Srg F Firmware X10Srw F Firmware X10Sae Firmware X10Sat Firmware X10Slx F Firmware X10Sld F Firmware X10Sld Hf Firmware X10Sle F Firmware X10Sle Hf Firmware X10Sle Df Firmware X10Sl7 F Firmware X10Sla F Firmware X10Slh F Firmware X10Sll F Firmware X10Sll Sf Firmware X10Sll S Firmware X10Slm F Firmware X10Slm Ln4F Firmware X10Sde Df Firmware X10Sdd 16C F Firmware X10Sdd F Firmware B1Sd1 16C Tf Firmware B1Sd1 Tf Firmware B1Sd2 16C Tf Firmware B1Sd2 Tf Firmware B10Drc Firmware B10Drc N Firmware B10Dri Firmware B10Dri N Firmware B10Drg Ibf Firmware B10Drg Ibf2 Firmware B10Drg Tp Firmware B10Drt Firmware B10Drt Ibf Firmware B10Drt Ibf2 Firmware B10Drt Tp Firmware X10Qrh Firmware X10Qbl 4 Firmware X10Qbl 4Ct Firmware X10Qbl Firmware X10Qbl Ct Firmware X10Qbi Firmware X10Obi Cpu Firmware X10Dbt T Firmware X10Sdv 7Tp8F Firmware X10Sdv 7Tp4F Firmware X10Sdv 2C 7Tp4F Firmware X10Sdv 4C 7Tp4F Firmware X10Sdv 2C Tp4F Firmware X10Sdv 4C Tp4F Firmware X10Sdv 2C Tp8F Firmware X10Sdv Tp8F Firmware X10Sdv F Firmware X10Sdv Tln4F Firmware X10Sdv 8C Tln4F Firmware X10Sdv 6C Tln4F Firmware X10Sdv 2C Tln2F Firmware X10Sdv 4C Tln2F Firmware X10Sdv 4C Tln4F Firmware X10Sdv 8C Ln2F Firmware X10Sdv 12C Tln4F Firmware X10Sdv 16C Tln4F Firmware A1Srm Ln7F 2358 Firmware A1Srm Ln7F 2758 Firmware A1Srm Ln5F 2358 Firmware A1Sa2 2750F Firmware A1Sam 2750F Firmware A1Sam 2550F Firmware A1Srm 2758F Firmware A1Srm 2558F Firmware A1Sai 2750F Firmware A1Sai 2550F Firmware A1Sri 2758F Firmware A1Sri 2558F Firmware A1Sri 2358F Firmware M11Sdv 8C Ln4F Firmware M11Sdv 8Ct Ln4F Firmware M11Sdv 4C Ln4F Firmware M11Sdv 4Ct Ln4F Firmware X9Drg H T F Firmware X9Drh 7 I T F Firmware X9Dr3 I F Firmware X9Drt H Series Firmware X9Drt Series Firmware X9Dr3 I Ln4F Firmware X9Drd 7Ln4F Series Firmware X9Drd Ef Firmware X9Drl 3 If Firmware X9Drw 3Ln4F 3Tf Firmware X9Drw 3 If Firmware X9Drw 7 Itpf Firmware X9Dbl 3 I F Firmware X9Da7 E Firmware X9Dai Firmware X9Db3 I Tp F Firmware X9Dbs F 2U Firmware X9Dbu 3 If Firmware X9Dr7 E Ln4F Firmware X9Dr7 E Tf Firmware X9Dr7 Jln4F Firmware X9Drd L If Firmware X9Drd It Firmware X9Drd C N T Firmware X9Drfr Firmware X9Drff 7 Firmware X9Drff 7 I T Firmware X9Drff 7 I T G Firmware X9Drg H T F Ii Firmware X9Drg Qf Firmware X9Drg O T F Cpu Firmware X9Drl 7 Ef Firmware X9Drt P Series Firmware X9Drt Hf Firmware X9Drw C T F31 Firmware X9Drh If Nv Firmware X9Drx F Firmware X9Dax 7 I T F Firmware X9Dax 7 If Hft Firmware X9Dal 3 I Firmware X9Sre I Series Firmware X9Srh 7 T F Firmware X9Srd F Firmware X9Srw F Firmware X9Srg F Firmware X9Srl F Firmware X9Sra Firmware X9Sae V Firmware X9Scl F Firmware X9Scm F Firmware X9Scd Series Firmware X9Sca F Firmware X9Sci Ln4 F Firmware X9Qri F Firmware X9Qr7 Tf Firmware B9Dri Firmware B9Dr7 Firmware B9Drp Firmware B9Drg 3M Firmware B9Drg E Firmware B9Drg Firmware B9Drt Firmware B9Qr7 Tp Firmware
10.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
10.0 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 21, 2019 - 02:15 nvd
CRITICAL 10.0

DescriptionNVD

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC.

AnalysisAI

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC. Affected products include: Supermicro X11Dai-N Firmware, Supermicro X11Dac Firmware, Supermicro X11Dph-Tq Firmware, Supermicro X11Dph-I Firmware, Supermicro X11Dph-T Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.

Share

CVE-2019-16649 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy