fkie_nvd - fkie_cve-2013-3607

fkie_cve-2013-3607

Vulnerability from fkie_nvd

Published

2013-09-08 03:17

Modified

2024-11-21 01:53

Severity ?

Summary

Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices allow remote attackers to execute arbitrary code on the Baseboard Management Controller (BMC), as demonstrated by the (1) username or (2) password field in login.cgi.

References

URL	Tags
cret@cert.org	http://www.kb.cert.org/vuls/id/648646	US Government Resource
cret@cert.org	http://www.securityfocus.com/bid/62094
cret@cert.org	http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf
cret@cert.org	http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013
cret@cert.org	https://support.citrix.com/article/CTX216642
cret@cert.org	https://www.usenix.org/system/files/conference/woot13/woot13-bonkoski_0.pdf	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/648646	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/62094
af854a3a-2127-422b-91ae-364da2661108	http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf
af854a3a-2127-422b-91ae-364da2661108	http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013
af854a3a-2127-422b-91ae-364da2661108	https://support.citrix.com/article/CTX216642
af854a3a-2127-422b-91ae-364da2661108	https://www.usenix.org/system/files/conference/woot13/woot13-bonkoski_0.pdf	Exploit

Impacted products

Vendor	Product	Version
supermicro	h8dcl-6f	-
supermicro	h8dcl-if	-
supermicro	h8dct-hibqf	-
supermicro	h8dct-hln4f	-
supermicro	h8dct-ibqf	-
supermicro	h8dg6-f	-
supermicro	h8dgg-qf	-
supermicro	h8dgi-f	-
supermicro	h8dgt-hf	-
supermicro	h8dgt-hibqf	-
supermicro	h8dgt-hlf	-
supermicro	h8dgt-hlibqf	-
supermicro	h8dgu-f	-
supermicro	h8dgu-ln4f\+	-
supermicro	h8scm-f	-
supermicro	h8sgl-f	-
supermicro	h8sme-f	-
supermicro	h8sml-7	-
supermicro	h8sml-7f	-
supermicro	h8sml-i	-
supermicro	h8sml-if	-
supermicro	x7spa-hf	-
supermicro	x7spa-hf-d525	-
supermicro	x7spe-h-d525	-
supermicro	x7spe-hf	-
supermicro	x7spe-hf-d525	-
supermicro	x7spt-df-d525	-
supermicro	x7spt-df-d525\+	-
supermicro	x8dtl-3f	-
supermicro	x8dtl-6f	-
supermicro	x8dtl-if	-
supermicro	x8dtn\+-f	-
supermicro	x8dtn\+-f-lr	-
supermicro	x8dtu-6f\+	-
supermicro	x8dtu-6f\+-lr	-
supermicro	x8dtu-6tf\+	-
supermicro	x8dtu-6tf\+-lr	-
supermicro	x8dtu-ln4f\+	-
supermicro	x8dtu-ln4f\+-lr	-
supermicro	x8si6-f	-
supermicro	x8sia-f	-
supermicro	x8sie-f	-
supermicro	x8sie-ln4f	-
supermicro	x8sil-f	-
supermicro	x8sit-f	-
supermicro	x8sit-hf	-
supermicro	x8siu-f	-
supermicro	x9dax-7f	-
supermicro	x9dax-7f-hft	-
supermicro	x9dax-7tf	-
supermicro	x9dax-if	-
supermicro	x9dax-if-hft	-
supermicro	x9dax-itf	-
supermicro	x9db3-f	-
supermicro	x9db3-tpf	-
supermicro	x9dbi-f	-
supermicro	x9dbi-tpf	-
supermicro	x9dbl-3f	-
supermicro	x9dbl-if	-
supermicro	x9dbu-3f	-
supermicro	x9dbu-if	-
supermicro	x9dr3-f	-
supermicro	x9dr3-ln4f\+	-
supermicro	x9dr7-ln4f	-
supermicro	x9dr7-ln4f-jbod	-
supermicro	x9dr7-tf\+	-
supermicro	x9drd-7jln4f	-
supermicro	x9drd-7ln4f	-
supermicro	x9drd-7ln4f-jbod	-
supermicro	x9drd-ef	-
supermicro	x9drd-if	-
supermicro	x9dre-ln4f	-
supermicro	x9dre-tf\+	-
supermicro	x9drff	-
supermicro	x9drff-7	-
supermicro	x9drff-7\+	-
supermicro	x9drff-7g\+	-
supermicro	x9drff-7t\+	-
supermicro	x9drff-7tg\+	-
supermicro	x9drff-i\+	-
supermicro	x9drff-ig\+	-
supermicro	x9drff-it\+	-
supermicro	x9drff-itg\+	-
supermicro	x9drfr	-
supermicro	x9drg-hf	-
supermicro	x9drg-hf\+	-
supermicro	x9drg-htf	-
supermicro	x9drg-htf\+	-
supermicro	x9drh-7f	-
supermicro	x9drh-7tf	-
supermicro	x9drh-if	-
supermicro	x9drh-itf	-
supermicro	x9dri-f	-
supermicro	x9dri-ln4f\+	-
supermicro	x9drl-3f	-
supermicro	x9drl-ef	-
supermicro	x9drl-if	-
supermicro	x9drt-f	-
supermicro	x9drt-h6f	-
supermicro	x9drt-h6ibff	-
supermicro	x9drt-h6ibqf	-
supermicro	x9drt-hf\+	-
supermicro	x9drt-ibff	-
supermicro	x9drt-ibqf	-
supermicro	x9drw-3ln4f\+	-
supermicro	x9drw-3tf\+	-
supermicro	x9drw-7tpf\+	-
supermicro	x9drw-itpf\+	-
supermicro	x9drx\+-f	-
supermicro	x9qr7-tf	-
supermicro	x9qr7-tf\+	-
supermicro	x9qr7-tf-jbod	-
supermicro	x9qri-f	-
supermicro	x9qri-f\+	-
supermicro	x9sbaa-f	-
supermicro	x9sca-f	-
supermicro	x9scd-f	-
supermicro	x9sce-f	-
supermicro	x9scff-f	-
supermicro	x9sci-ln4f	-
supermicro	x9scl\+-f	-
supermicro	x9scl-f	-
supermicro	x9scm-f	-
supermicro	x9scm-iif	-
supermicro	x9spu-f	-
supermicro	x9srd-f	-
supermicro	x9sre-3f	-
supermicro	x9sre-f	-
supermicro	x9srg-f	-
supermicro	x9sri-3f	-
supermicro	x9sri-f	-
supermicro	x9srl-f	-
supermicro	x9srw-f	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:supermicro:h8dcl-6f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23F574AF-FC1C-453C-A8FB-C11F42ED8E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dcl-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B966320-9479-48D4-9C08-0C5BC655588D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dct-hibqf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C252A3D-C2F1-4E15-8CEA-ED86C550EBB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dct-hln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "502A47AC-064C-49FE-AC9C-50D0C1B62DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dct-ibqf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFB18D39-D5F9-4F4E-8FA7-F0FF7F896564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dg6-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "797EFABC-8823-4B42-8FA1-A26CF406166B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgg-qf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "978262CA-7C6A-4F3D-9480-A08230E30EB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgi-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F113C555-5E90-4458-9C30-79C3EBB8E917",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgt-hf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8551A73-5B20-44D5-BC9C-11F18F40C055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgt-hibqf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EEBE2CB-7349-4A9A-838F-7E4220BF74E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgt-hlf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DEF117-ED63-42DF-A4E6-0A019BE82968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgt-hlibqf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A873933-3F6C-4EC0-8AB2-8B0DFCB7424F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgu-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCAA5397-D28D-4817-AC21-F0D0DEA95489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8dgu-ln4f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AE93B7-C3D1-45A8-9D2C-9DB7101AAECD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8scm-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCF563E-6A20-4F99-80FB-1BED5149E8C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8sgl-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB097280-76E6-4DBE-BD2F-DDE3C9DBD734",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8sme-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36ACA455-CB46-4B0E-9F5B-86508907323C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8sml-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A159DCC-D2F7-4409-B842-027100794679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8sml-7f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34630C1-5B6A-46BD-BD0A-A1DED08003E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8sml-i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A5024C-F341-4DD6-ABCF-B9259937732C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:h8sml-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C09A30A7-C88C-4365-8D24-BFAB1EEF53F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spa-hf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D060E9B-0967-49E1-958B-B4557BC2634A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spa-hf-d525:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6596C3C0-9DAC-43AF-9185-51E16096BAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spe-h-d525:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05C4617-F33D-40F0-8271-C4FE1578BAF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spe-hf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FF4ECC2-7EF8-4150-AB45-D30B88BE884C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spe-hf-d525:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61EB064B-5A03-4D54-BB55-15AA35B44668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spt-df-d525:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E3EFB3-9E87-4C5C-B84D-F9A9AAFFED45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x7spt-df-d525\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8C8686-ABA2-466F-8309-D483F128CE0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtl-3f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C82B90F8-3E33-47E5-8D65-92BF39E7091D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtl-6f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C681E3DA-6BBB-40C9-B37F-0D37A4EC5DEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtl-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35FD83D9-1F28-454F-9221-9CF69F8730E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtn\\+-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47EA3F5D-38B1-4D3F-BA3B-C03598124119",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtn\\+-f-lr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD772BE-13CE-48F7-A24F-28825060561E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtu-6f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C38C112C-52D0-4D29-8FF6-298AD01B981C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtu-6f\\+-lr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D46200-C176-49FE-AB45-CD1706355A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtu-6tf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95798443-906A-445B-8CB7-9FAE8223AAE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtu-6tf\\+-lr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82286D8E-632D-440A-BF94-94331B195222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtu-ln4f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24D640B1-0DED-4CF0-AD43-AFFEBE953157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8dtu-ln4f\\+-lr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "736B9BD0-E764-4321-A1A5-C8875147F701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8si6-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0490EB39-70EA-494C-855C-6698B65421FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8sia-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F62BC3F2-FCDD-41F6-90F1-1F75273BF4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8sie-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DB343D9-AA39-4837-AE84-CF8EC50B758A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8sie-ln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D600FF-CA39-40C0-8535-E39971E5C34A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8sil-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E690BCC-685E-4A3C-9F30-C0429B6591FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8sit-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "672B902B-C4B1-4E10-AE16-34C562029D1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8sit-hf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44BE8D56-4810-470E-B284-CCD1D92736F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x8siu-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45003169-49AF-4CA0-8E44-0137476D0352",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dax-7f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F84B957-6385-4533-B8B0-B252B695721A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dax-7f-hft:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A977F207-190D-48ED-AC31-A9D500114F2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dax-7tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F77C1AD-12C9-492B-82B9-A5469182FEEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dax-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B111BB68-F4D3-471D-8B99-EE4AED27974A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dax-if-hft:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C2D975-2AEF-4083-820D-356D846DDC59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dax-itf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6499489-EFEA-4C8E-B5F5-56F92DF25F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9db3-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E03A480E-8EE9-4040-B1C6-3E60EBD010BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9db3-tpf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB68F879-2E55-4D12-8259-13C37004FB33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dbi-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3B0FFF-0C52-4199-B0FB-0A16DCA5D51B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dbi-tpf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5D8C2C-683C-4670-9878-B879AAABD54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dbl-3f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56F818CA-1CB3-48B2-BED0-99C09A6F8259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dbl-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D30206F-EA8A-4EA8-87CB-D6A47F4B75CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dbu-3f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4401E676-3E1D-431E-ABAF-89BC9CAC64D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dbu-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F67D8D5E-439D-45E2-A0BB-40EB60DCC0D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dr3-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C27D83-5E57-4B7B-B765-B41AAA004C74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dr3-ln4f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2D1E2A1-71CA-48F0-8A91-E0AD896D4106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dr7-ln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77777CE0-0095-4318-A194-D14CF4D699CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dr7-ln4f-jbod:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC43CCB5-7842-4BD3-B2DB-597815E129CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dr7-tf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "767854D0-2DE0-4628-B6D7-18161F471718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drd-7jln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EF8A1A-3BBC-44DB-8469-14B71495E8AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drd-7ln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4102B60-86D2-42AC-86A9-0F690CDA0970",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drd-7ln4f-jbod:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "097802C6-25DA-4D55-84E7-10B4E5CC59F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drd-ef:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C269C6-B569-493E-8D29-CE16C03CCA4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drd-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA6459A-758D-46D4-89F4-E4DE71FF48E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dre-ln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A91DEEFA-BFD4-4EBD-828A-02BBE4CA3F33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dre-tf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0853B35-F437-41D3-8126-0C51A788CDCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F263B5-4723-4153-A751-78F539A3C64A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B9DE20-58F4-4EED-950F-FF8E07313D9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-7\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE8879B-78B1-4372-BD32-C09B6EE083DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-7g\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F26B68A6-66A9-4272-B6AE-ADCF0DE1733E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-7t\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A99DE11-2E42-4C5C-9CD2-1B035EC8F0DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-7tg\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56CCB73-97FB-4F81-8D9E-2F441364AD22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-i\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D77595EF-70F4-41DD-85CF-D866AA4B3988",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-ig\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB6BEBA8-B432-45BB-8756-AFC6123404B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-it\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E98461CD-D04C-4C72-9F44-EEF0A5C60D26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drff-itg\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71C18651-C28F-459B-B055-A01EE6E81A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drfr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E124B14-05FE-48AB-9364-48EC03276569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drg-hf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D244DE-3A8D-40AF-8151-21886264F62D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drg-hf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F154DE4-6D89-46ED-A32D-FB6DA29908B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drg-htf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "165E5734-ED3F-4EF8-9737-BF0BA8FD45D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drg-htf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DA5EBA4-E2E4-47D5-9B74-DC38BF7982E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drh-7f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9B93D2-0F82-410E-8936-CCEDD25E7B47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drh-7tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58F60960-266E-487C-8F07-4498A6E3EA77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drh-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D477E3-C042-47EE-B43F-03FF4903E2C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drh-itf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "496EED07-44EA-4E2A-8846-74227DB432A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dri-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC056CAA-FE35-48DF-864E-3457E9ED6B4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9dri-ln4f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29B97C2-5B79-4743-B5AF-77D674835E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drl-3f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F84B46-E273-44A6-A89D-4E5E47BDAFAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drl-ef:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3621F0A-8C0A-4CB3-A1F3-A7416794D185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drl-if:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA297408-C2FB-45B6-894E-0D491F2E541C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10283C29-ABEF-416A-A45D-BE7EFBB6891E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-h6f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4B20A3D-E691-4870-953C-5F85CAB5B3AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-h6ibff:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C88C46-1716-4E4C-8C2A-AC21697E31AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-h6ibqf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "363937AB-EBBD-466D-A9FA-CD70B083D806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-hf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D160E0-CB6D-4EAB-87F8-DD5A54AEE993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-ibff:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50932978-66A9-4F67-92D1-35E7FA9B4653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drt-ibqf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08DE585E-EEBE-4DB2-AF04-16038E8B2A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drw-3ln4f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "683BBAE2-89D5-4241-A981-8D7A9D8ECB9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drw-3tf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7437EDE5-2D70-4A46-B749-2CF13FD1B86B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drw-7tpf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "697C2608-7FD5-4A5B-8E09-1A68DDEBA73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drw-itpf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5D8E27-2613-4004-ACE4-B7F8643F7095",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9drx\\+-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F94922A-A450-4D24-83BB-C3A55CC803D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9qr7-tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "096BE775-0410-4143-AA3C-DE2F70753802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9qr7-tf\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A44372-6B5E-4DB5-AD22-97B80475048B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9qr7-tf-jbod:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B5AF2A-069C-4D87-89E5-11A4CE544F27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9qri-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84CF273B-3845-48D3-824E-6898ABD4FC53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9qri-f\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAEE806-A1B6-40C8-BBA6-61AB180E3276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sbaa-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BDF1AE-04B9-402A-AFD5-64FFAECCE5D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sca-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3E956A-57C6-46F4-A9EA-CC5F848BB9C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9scd-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D19365C-7125-4EA9-A8EF-02A02ACF85A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sce-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA2CE72-088B-4CA6-894D-427CC4F2B6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9scff-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2682D17-6376-4724-B434-0989FC2221A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sci-ln4f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C1C92F-AC9D-44A2-BD07-6ED22EF5C00B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9scl\\+-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E984C99-B5D5-489D-8E90-5472210686BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9scl-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C21D472-2364-4809-89B7-651CA25123BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9scm-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5FCB9C0-8665-4850-A01C-0D1C47F34DE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9scm-iif:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002C6967-4CCC-43B9-A687-B9B21533098E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9spu-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFAD56B7-8887-4AA8-9DB4-9DD1F5974DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9srd-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "138F57C5-269C-4963-80EA-F1F08AB4B6D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sre-3f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09BF315-D3D9-46C7-8FED-C24496FF57CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sre-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D289D8-FF90-4CDD-ADF5-EB5C70AC0CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9srg-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBDDAAF7-FA47-41E5-8722-08AAE9049C29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sri-3f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D26AE08D-9A49-4E92-A1A9-81502BE94B7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9sri-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08A87A49-9B28-49EF-ABC3-2A69FB39C0D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9srl-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3047CD31-5589-4030-B31A-3E4EDF251986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:supermicro:x9srw-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC06352-2CB3-472C-BE76-A6995415EF47",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices allow remote attackers to execute arbitrary code on the Baseboard Management Controller (BMC), as demonstrated by the (1) username or (2) password field in login.cgi."
    },
    {
      "lang": "es",
      "value": "Multiples desbordamientos de buffer basados en pila en la interfaz web de la implementaci\u00f3n de Intelligent Platform Management Interface (IPMI) en dispositivos Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, y X9SR* permite a atacantes remotos ejecutar c\u00f3digo arbitrario en el Baseboard Management Controller (BMC), como se muestra en el campo de (1) usuario o (2) contrase\u00f1a en login.cgi."
    }
  ],
  "id": "CVE-2013-3607",
  "lastModified": "2024-11-21T01:53:58.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-08T03:17:39.563",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/648646"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/62094"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.citrix.com/article/CTX216642"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.usenix.org/system/files/conference/woot13/woot13-bonkoski_0.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/648646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/62094"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.citrix.com/article/CTX216642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.usenix.org/system/files/conference/woot13/woot13-bonkoski_0.pdf"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2013-3607

Vulnerability from cvelistv5

Published

2013-09-08 01:00

Modified

2024-08-06 16:14