Skip to main content

X11Ssl Cf Firmware CVE-2022-43309

MEDIUM
Incorrect Permission Assignment for Critical Resource (CWE-732)
2023-04-07 cve@mitre.org
Information Disclosure X11Ssl Cf Firmware X11Dac Firmware X11Dai N Firmware X11Ddw L Firmware X11Ddw Nt Firmware X11Dgo T Firmware X11Dgq Firmware X11Dpff Sn Firmware X11Dpfr S Firmware X11Dpfr Sn Firmware X11Dpg Ot Cpu Firmware X11Dpg Qt Firmware X11Dpg Sn Firmware X11Dph I Firmware X11Dph T Firmware X11Dph Tq Firmware X11Dpi N Firmware X11Dpi Nt Firmware X11Dpl I Firmware X11Dps Re Firmware X11Dpt B Firmware X11Dpt Bh Firmware X11Dpt L Firmware X11Dpt Ps Firmware X11Dpu Firmware X11Dpu V Firmware X11Dpu X Firmware X11Dpu Xll Firmware X11Dpu Z Firmware X11Dpu Ze Firmware X11Dpx T Firmware X11Dsc Firmware X11Dsf E Firmware X11Dsn Ts Firmware X11Dsn Tsq Firmware X11Opi Cpu Firmware X11Qph Firmware X11Sae Firmware X11Sae M Firmware X11Sat Firmware X11Sba Firmware X11Sca Firmware X11Sca F Firmware X11Sca W Firmware X11Scd F Firmware X11Sch F Firmware X11Sch Ln4F Firmware X11Scl F Firmware X11Scl If Firmware X11Scl Ln4F Firmware X11Scm F Firmware X11Scm Ln8F Firmware X11Scw F Firmware X11Sdd 18C F Firmware X11Sdd 8C F Firmware X11Sds 12C Firmware X11Sds 16C Firmware X11Sds 8C Firmware X11Spa T Firmware X11Spa Tf Firmware X11Spg Tf Firmware X11Sph Nctf Firmware X11Sph Nctpf Firmware X11Spi Tf Firmware X11Spl F Firmware X11Spm F Firmware X11Spm Tf Firmware X11Spm Tpf Firmware X11Spw Ctf Firmware X11Spw Tf Firmware X11Sra Firmware X11Sri If Firmware X11Srl F Firmware X11Srm Firmware X11Srm F Firmware X11Srm Vf Firmware X11Ssd F Firmware X11Sse F Firmware X11Ssh Ctf Firmware X11Ssh F Firmware X11Ssh Gf 1585 Firmware X11Ssh Gf 1585L Firmware X11Ssh Gtf 1585 Firmware X11Ssh Gtf 1585L Firmware X11Ssh Ln4F Firmware X11Ssh Tf Firmware X11Ssi Ln4F Firmware X11Ssl Firmware X11Ssl F Firmware X11Ssl Nf Firmware X11Ssm Firmware X11Ssm F Firmware X11Ssn Firmware X11Ssq Firmware X11Ssql Firmware X11Ssv Lvds Firmware X11Ssv Q Firmware X11Ssw 4Tf Firmware X11Ssw F Firmware X11Ssw Tf Firmware X11Ssz F Firmware X11Ssz Tln4F Firmware X12Dai N6 Firmware X12Ddw A6 Firmware X12Dpg Qt6 Firmware X12Dpi N6 Firmware X12Dpi Nt6 Firmware X12Dpl I6 Firmware X12Dpl Nt6 Firmware X12Spa Tf Firmware X12Spi Tf Firmware X12Spl F Firmware X12Spl Ln4F Firmware X12Spm Ln4F Firmware X12Spm Ln6Tf Firmware X12Spm Tf Firmware X12Spo F Firmware X12Spo Ntf Firmware X12Spw F Firmware X12Spw Tf Firmware X12Spz Ln4F Firmware X12Spz Spln6F Firmware H12Ssg Anp6 Firmware H12Ssw In Firmware H12Ssw Nt Firmware H12Ssw Inl Firmware H12Ssw Ntl Firmware H12Sst Ps Firmware H12Ssl I Firmware H12Ssl C Firmware H12Ssl Ct Firmware H12Ssl Nt Firmware H12Ssw Inr Firmware H12Ssw Ntr Firmware H12Ssff An6 Firmware H12Dsu In Firmware H12Dst B Firmware H12Dsu Inr Firmware H12Dgo 6 Firmware H12Dsg O Cpu Firmware H12Dsi N6 Firmware H12Dsi Nt6 Firmware H11Dsi Firmware H11Dsi Nt Firmware H11Dst B Firmware H11Dsu In Firmware
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 07, 2023 - 21:15 nvd
MEDIUM 5.5

DescriptionNVD

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

AnalysisAI

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Incorrect Permission Assignment (CWE-732), which allows attackers to access resources due to misconfigured permissions. Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. Affected products include: Supermicro X11Ssl-Cf Firmware, Supermicro X11Dac Firmware, Supermicro X11Dai-N Firmware, Supermicro X11Ddw-L Firmware, Supermicro X11Ddw-Nt Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Review and restrict file/resource permissions, apply principle of least privilege.

Share

CVE-2022-43309 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy