Vulnerabilities in AMI
60 resultsCVE-2024-54085CRITICALRedfish Authentication BypassEPSS 61.2%KEVCVE-2022-2827HIGHAMI MegaRAC User Enumeration VulnerabilityEPSS 1.7%CVE-2023-34329CRITICALAuthentication Bypass via HTTP Header SpoofingEPSS 1.0%CVE-2023-34334HIGHAMI BMC contains a vulnerability in the SPX REST API, where an
attacker with the required privileges can inject arbitrary shell commands,
whEPSS 0.8%CVE-2023-34343HIGHAMI BMC contains a vulnerability in the SPX REST API, where an
attacker with the required privileges can inject arbitrary shell commands,
whEPSS 0.8%CVE-2024-42442HIGHRuntime Service Access outside SMRAMEPSS 0.8%CVE-2023-34341HIGHAMI BMC contains a vulnerability in the SPX REST API, where an
attacker with the required privileges can read and write to arbitrary locatioEPSS 0.8%CVE-2022-26872HIGHPassword reset interception via APIEPSS 0.8%CVE-2023-34345MEDIUMAMI BMC contains a vulnerability in the SPX REST API, where an
attacker with the required privileges can access arbitrary files, which may
lEPSS 0.7%CVE-2023-34336HIGHAMI BMC contains a vulnerability in the IPMI handler, where an
attacker with the required privileges can cause a buffer overflow, which may
EPSS 0.7%CVE-2022-40242HIGHMegaRAC Default Credentials VulnerabilityEPSS 0.7%CVE-2022-40259HIGHMegaRAC Default Credentials VulnerabilityEPSS 0.6%CVE-2023-39539HIGHFailure when uploading a Logo image fileEPSS 0.6%CVE-2023-34342MEDIUMAMI BMC contains a vulnerability in the IPMI handler, where an
attacker can upload and download arbitrary files under certain circumstances,EPSS 0.5%CVE-2023-34330HIGHCode injection via Dynamic Redfish Extension interfaceEPSS 0.5%CVE-2022-40246HIGHArbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.EPSS 0.5%CVE-2023-34344MEDIUMA vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid usernameEPSS 0.4%CVE-2022-40250HIGHStack overflow vulnerability in SMI handler on SmmSmbiosElog.EPSS 0.4%CVE-2022-40258MEDIUMWeak password hashes for Redfish & APIEPSS 0.4%CVE-2023-34472MEDIUMAMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A succEPSS 0.4%