CVE-2023-34329

Authentication Bypass via HTTP Header Spoofing

CVSS 9.1 CRITICALEPSS 1.0%CWE-290 CWE-306

In short

A flaw in AMI MegaRAC SPx12's BMC web interface allows attackers to bypass login by forging HTTP headers, potentially giving them full control over the system without valid credentials.

Technical detail

The BMC web service in AMI MegaRAC SPx12 fails to properly validate HTTP headers used for authentication (CWE-290, CWE-306), allowing remote attackers to spoof authentication headers and gain unauthorized access. Successful exploitation compromises confidentiality, integrity, and availability of the managed system.

Summary generated and translated by AI from the official description.

AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected products

AMI · MegaRAC_SPx12

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf https://security.netapp.com/advisory/ntap-20230814-0004/