Megarac Sp X
CVE-2023-34342
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, or data tampering.
AnalysisAI
AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, or data tampering. Affected products include: Ami Megarac Sp-X.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.
More in Megarac Sp X
View allAMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-
MegaRAC Default Credentials Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitabl
MegaRAC Default Credentials Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitabl
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent
AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity. Rated critical severity (CVSS 9
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish E
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. Rated high sev
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based messa
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrar
AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrar
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today