Published: 02/01/2020 Updated: 15/01/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 470

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon.

Vulnerable Product	Search on Vulmon	Subscribe to Product
supermicro smt_x9_firmware
supermicro smt_x8_firmware
citrix netscaler_sdx_firmware 10
citrix netscaler_firmware -
citrix netscaler_sd-wan_firmware -

Description of Problem A number of security vulnerabilities have been identified in firmware used in the Lights Out Management (LOM) component across all NetScaler-based hardware appliances: Citrix NetScaler Application Delivery Controller (ADC) Citrix NetScaler Gateway Citrix NetScaler Service Delivery Appliance Citrix CloudBridge (now NetScaler S ...

CWE-798 https://exchange.xforce.ibmcloud.com/vulnerabilities/89044 http://support.citrix.com/article/CTX216642 https://support.citrix.com/article/CTX216642 https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf https://nvd.nist.gov https://support.citrix.com/article/CTX216642

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-3619

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect