Lucene search

[email protected]CVE-2022-43309

HistoryApr 07, 2023 - 9:15 p.m.

CVE-2022-43309

2023-04-0721:15:06

CWE-732

[email protected]

web.nvd.nist.gov

cve-2022-43309

supermicro

x11ssl-cf

bmc firmware

v1.63

insecure permissions

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

15.1%

JSON

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

CPENameOperatorVersion
supermicro:x11ssl-cf_firmwaresupermicro x11ssl-cf firmwareeq1.63

CPE	Name	Operator	Version
supermicro:x11ssl-cf_firmware	supermicro x11ssl-cf firmware	eq	1.63

References

supermicro.com

x11ssl-cf.com

www.supermicro.com/en/support/security_VRM_Jan_2023

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

15.1%

JSON

Related for CVE-2022-43309

prion1 cvelist1