VAR-201312-0076
Vulnerability from variot - Updated: 2023-12-18 13:39Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter. Supermicro IPMI is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Attackers may be able to execute arbitrary code in the context of the affected firmware. Failed exploit attempts will likely result in denial-of-service conditions. Supermicro IPMI running firmware version SMT_X9_226 is vulnerable. Supermicro Intelligent Platform Management Interface (IPMI) is an IPMI card (Intelligent Platform Management Interface) of Supermicro, which can remotely control the system, such as remote booting, entering BIOS, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intelligent platform management",
"scope": "eq",
"trust": 1.6,
"vendor": "supermicro",
"version": "2.24"
},
{
"model": "intelligent platform management",
"scope": "lte",
"trust": 1.0,
"vendor": "supermicro",
"version": "2.26"
},
{
"model": "intelligent platform management interface",
"scope": "lt",
"trust": 0.8,
"vendor": "super micro computer",
"version": "3.15 (smt_x9_315)"
},
{
"model": "intelligent platform management",
"scope": "eq",
"trust": 0.6,
"vendor": "supermicro",
"version": "2.26"
},
{
"model": "micro computer supermicro ipmi smt x9 226",
"scope": null,
"trust": 0.3,
"vendor": "super",
"version": null
},
{
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "micro computer supermicro ipmi smt x9 315",
"scope": "ne",
"trust": 0.3,
"vendor": "super",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:supermicro:intelligent_platform_management_firmware:*:-:-:*:-:-:x9_generation_motherboards:*",
"cpe_name": [],
"versionEndIncluding": "2.26",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3623"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HD Moore of Rapid7",
"sources": [
{
"db": "BID",
"id": "63775"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3623",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-3623",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63625",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3623",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-393",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63625",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-3623",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter. Supermicro IPMI is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. \nAttackers may be able to execute arbitrary code in the context of the affected firmware. Failed exploit attempts will likely result in denial-of-service conditions. \nSupermicro IPMI running firmware version SMT_X9_226 is vulnerable. Supermicro Intelligent Platform Management Interface (IPMI) is an IPMI card (Intelligent Platform Management Interface) of Supermicro, which can remotely control the system, such as remote booting, entering BIOS, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-63625",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=29666",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3623",
"trust": 2.9
},
{
"db": "BID",
"id": "63775",
"trust": 2.1
},
{
"db": "EXPLOIT-DB",
"id": "29666",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "124046",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-83154",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-63625",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-3623",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"id": "VAR-201312-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:39:58.632000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.supermicro.com.tw/index_home.cfm"
},
{
"title": "Firmware Fixes to Common Vulnerabilities and Exposures",
"trust": 0.8,
"url": "http://www.supermicro.com/products/nfo/files/ipmi/cve_update.pdf"
},
{
"title": "SMT_X9_315",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47394"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities"
},
{
"trust": 2.6,
"url": "http://www.thomas-krenn.com/en/wiki/supermicro_ipmi_security_updates_november_2013"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/63775"
},
{
"trust": 1.8,
"url": "http://www.supermicro.com/products/nfo/files/ipmi/cve_update.pdf"
},
{
"trust": 1.8,
"url": "http://www.exploit-db.com/exploits/29666"
},
{
"trust": 1.5,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3623"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3623"
},
{
"trust": 0.3,
"url": "http://www.supermicro.com/support/bios/firmware0.aspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/29666/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/linux/http/smt_ipmi_close_window_bof"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-63625"
},
{
"date": "2013-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"date": "2013-11-06T00:00:00",
"db": "BID",
"id": "63775"
},
{
"date": "2013-12-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"date": "2013-12-10T16:11:18.697000",
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "VULHUB",
"id": "VHN-63625"
},
{
"date": "2017-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"date": "2016-09-09T17:00:00",
"db": "BID",
"id": "63775"
},
{
"date": "2013-12-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"date": "2017-11-15T02:29:01",
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"date": "2013-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SuperMicro of X9 Run on generation motherboard IPMI Stack-based buffer overflow vulnerability in FW firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…