var-201312-0076
Vulnerability from variot
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter. Supermicro IPMI is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Attackers may be able to execute arbitrary code in the context of the affected firmware. Failed exploit attempts will likely result in denial-of-service conditions. Supermicro IPMI running firmware version SMT_X9_226 is vulnerable. Supermicro Intelligent Platform Management Interface (IPMI) is an IPMI card (Intelligent Platform Management Interface) of Supermicro, which can remotely control the system, such as remote booting, entering BIOS, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intelligent platform management",
"scope": "eq",
"trust": 1.6,
"vendor": "supermicro",
"version": "2.24"
},
{
"model": "intelligent platform management",
"scope": "lte",
"trust": 1.0,
"vendor": "supermicro",
"version": "2.26"
},
{
"model": "intelligent platform management interface",
"scope": "lt",
"trust": 0.8,
"vendor": "super micro computer",
"version": "3.15 (smt_x9_315)"
},
{
"model": "intelligent platform management",
"scope": "eq",
"trust": 0.6,
"vendor": "supermicro",
"version": "2.26"
},
{
"model": "micro computer supermicro ipmi smt x9 226",
"scope": null,
"trust": 0.3,
"vendor": "super",
"version": null
},
{
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "micro computer supermicro ipmi smt x9 315",
"scope": "ne",
"trust": 0.3,
"vendor": "super",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:supermicro:intelligent_platform_management_firmware:*:-:-:*:-:-:x9_generation_motherboards:*",
"cpe_name": [],
"versionEndIncluding": "2.26",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3623"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HD Moore of Rapid7",
"sources": [
{
"db": "BID",
"id": "63775"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3623",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-3623",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63625",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3623",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-393",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63625",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-3623",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter. Supermicro IPMI is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. \nAttackers may be able to execute arbitrary code in the context of the affected firmware. Failed exploit attempts will likely result in denial-of-service conditions. \nSupermicro IPMI running firmware version SMT_X9_226 is vulnerable. Supermicro Intelligent Platform Management Interface (IPMI) is an IPMI card (Intelligent Platform Management Interface) of Supermicro, which can remotely control the system, such as remote booting, entering BIOS, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-63625",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=29666",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3623",
"trust": 2.9
},
{
"db": "BID",
"id": "63775",
"trust": 2.1
},
{
"db": "EXPLOIT-DB",
"id": "29666",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "124046",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-83154",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-63625",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-3623",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"id": "VAR-201312-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:39:58.632000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.supermicro.com.tw/index_home.cfm"
},
{
"title": "Firmware Fixes to Common Vulnerabilities and Exposures",
"trust": 0.8,
"url": "http://www.supermicro.com/products/nfo/files/ipmi/cve_update.pdf"
},
{
"title": "SMT_X9_315",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47394"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities"
},
{
"trust": 2.6,
"url": "http://www.thomas-krenn.com/en/wiki/supermicro_ipmi_security_updates_november_2013"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/63775"
},
{
"trust": 1.8,
"url": "http://www.supermicro.com/products/nfo/files/ipmi/cve_update.pdf"
},
{
"trust": 1.8,
"url": "http://www.exploit-db.com/exploits/29666"
},
{
"trust": 1.5,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3623"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3623"
},
{
"trust": 0.3,
"url": "http://www.supermicro.com/support/bios/firmware0.aspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/29666/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/linux/http/smt_ipmi_close_window_bof"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63625"
},
{
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"db": "BID",
"id": "63775"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-63625"
},
{
"date": "2013-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"date": "2013-11-06T00:00:00",
"db": "BID",
"id": "63775"
},
{
"date": "2013-12-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"date": "2013-12-10T16:11:18.697000",
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "VULHUB",
"id": "VHN-63625"
},
{
"date": "2017-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3623"
},
{
"date": "2016-09-09T17:00:00",
"db": "BID",
"id": "63775"
},
{
"date": "2013-12-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005499"
},
{
"date": "2017-11-15T02:29:01",
"db": "NVD",
"id": "CVE-2013-3623"
},
{
"date": "2013-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SuperMicro of X9 Run on generation motherboard IPMI Stack-based buffer overflow vulnerability in FW firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005499"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-393"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.