Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-16649

Published: 21/09/2019 Updated: 24/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 10 | Impact Score: 6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to X11dai-n Firmware

Vulnerability Summary

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

supermicro x11dai-n_firmware 1.71.5

supermicro x11dac_firmware 1.71.5

supermicro x11dph-tq_firmware 1.71.5

supermicro x11dph-i_firmware 1.71.5

supermicro x11dph-t_firmware 1.71.5

supermicro x11dps-re_firmware 1.71.5

supermicro x11dsf-e_firmware 1.71.5

supermicro x11dsn-ts_firmware 1.71.5

supermicro x11dsn-tsq_firmware 1.71.5

supermicro x11dsc\\+_firmware 1.74

supermicro x11ddw-nt_firmware 1.71.5

supermicro x11ddw-l_firmware 1.71.5

supermicro x11dgq_firmware 1.71.5

supermicro x11dpff-sn_firmware 1.71.5

supermicro x11dpfr-sn_firmware 1.71.5

supermicro x11dpfr-s_firmware 1.71.5

supermicro x11dpt-ps_firmware 1.71.5

supermicro x11dpt-b_firmware 1.71.5

supermicro x11dpt-bh_firmware 1.71.5

supermicro x11dpt-l_firmware 3.74

supermicro x11dpu_firmware 1.71.5

supermicro x11dpu-v_firmware 1.71.5

supermicro x11dpu-x_firmware 1.71.5

supermicro x11dpu-xll_firmware 1.71.5

supermicro x11dpu-z\\+_firmware 1.71.5

supermicro x11dpu-ze\\+_firmware 1.71.5

supermicro x11dpg-sn_firmware 1.71.5

supermicro x11dpg-qt_firmware 1.71.5

supermicro x11dpg-ot-cpu_firmware 1.71.5

supermicro x11dpi-nt_firmware 1.71.5

supermicro x11dpi-n_firmware 1.71.5

supermicro x11dpl-i_firmware 1.71.5

supermicro x11dpx-t_firmware 1.71.5

supermicro x11dgo-t_firmware 1.71.5

supermicro x11sca_firmware 1.71.5

supermicro x11sca-f_firmware 1.71.5

supermicro x11sch-f_firmware 1.23.2

supermicro x11sch-ln4f_firmware 1.23.2

supermicro x11sca-w_firmware 1.71.5

supermicro x11scl-f_firmware 1.23.2

supermicro x11scl-ln4f_firmware 1.23.2

supermicro x11scl-if_firmware 1.23.2

supermicro x11scm-f_firmware 1.23.2

supermicro x11scm-ln8f_firmware 1.23.2

supermicro x11scw-f_firmware 3.75.00

supermicro x11spa-t_firmware 1.71.5

supermicro x11spa-tf_firmware 1.71.5

supermicro x11spi-tf_firmware 1.71.6

supermicro x11spl-f_firmware 1.71.6

supermicro x11spm-f_firmware 1.71.6

supermicro x11spm-tf_firmware 1.71.6

supermicro x11spm-tpf_firmware 1.71.6

supermicro x11sph-nctf_firmware 1.71.6

supermicro x11sph-nctpf_firmware 1.71.6

supermicro x11spw-tf_firmware 1.71.6

supermicro x11spw-ctf_firmware 1.71.6

supermicro x11spg-tf_firmware 1.71.6

supermicro x11sri-if_firmware 3.75.00

supermicro x11srl-f_firmware 3.74.2

supermicro x11srm-f_firmware 1.31.1

supermicro x11srm-vf_firmware 1.31.1

supermicro x11ssl-f_firmware 1.56

supermicro x11ssm-f_firmware 1.56

supermicro x11ssl_firmware 1.56

supermicro x11ssm_firmware 1.56

supermicro x11ssh-f_firmware 1.56

supermicro x11ssh-ln4f_firmware 1.56

supermicro x11ssw-4tf_firmware 1.56

supermicro x11ssw-tf_firmware 1.56

supermicro x11ssw-f_firmware 1.71.5

supermicro x11ssi-ln4f_firmware 1.71.5

supermicro x11ssw-f_firmware 3.85.00

supermicro x11ssh-tf_firmware 1.56

supermicro x11ssh-ctf_firmware 1.56

supermicro x11ssl-cf_firmware 1.56

supermicro x11ssl-nf_firmware 1.56

supermicro x11ssh-gf-1585_firmware 1.56

supermicro x11ssh-gf-1585l_firmware 1.56

supermicro x11ssh-gtf-1585_firmware 1.56

supermicro x11ssh-gtf-1585l_firmware 1.56

supermicro b11dpt_firmware 3.68

supermicro b11dpe_firmware 3.68

supermicro b11spe-cpu-tf_firmware 3.68

supermicro b11spe-cpu-25g_firmware 3.68

supermicro b11qpi_firmware 3.68

supermicro x11ssd-f_firmware 3.68

supermicro x11sse-f_firmware 3.68

supermicro b2ss1-cpu_firmware 3.68

supermicro b2ss1-cf_firmware 3.68

supermicro b2ss1-f_firmware 3.68

supermicro b2ss2-f_firmware 3.68

supermicro b2ss1-mtf_firmware 3.68

supermicro b2ss1-h-mtf_firmware 3.68

supermicro b2ss2-mtf_firmware 3.68

supermicro b2ss2-h-mtf_firmware 3.68

supermicro x11scd-f_firmware 3.68

supermicro x11sdd-8c-f_firmware 3.68

supermicro x11sdd-18c-f_firmware 3.68

supermicro x11qph\\+_firmware 1.71.5

supermicro x11opi-cpu_firmware 1.71.5

supermicro x11sds-8c_firmware 3.74.2

supermicro x11sds-12c_firmware 3.74.2

supermicro x11sds-16c_firmware 3.74.2

supermicro x10ddw-i_firmware 3.83

supermicro x10ddw-in_firmware 3.83

supermicro x10drs_firmware 3.83

supermicro x10drd-i_firmware 3.83

supermicro x10drd-it_firmware 3.83

supermicro x10drd-int_firmware 3.83

supermicro x10drd-intp_firmware 3.83

supermicro x10drd-itp_firmware 3.83

supermicro x10drd-l_firmware 3.83

supermicro x10drd-lt_firmware 3.83

supermicro x10drd-ltp_firmware 3.83

supermicro x10drx_firmware 3.83

supermicro x10drh-c_firmware 3.83

supermicro x10drh-ct_firmware 3.83

supermicro x10drh-cln4_firmware 3.83

supermicro x10drh-i_firmware 3.83

supermicro x10drh-it_firmware 3.83

supermicro x10drh-iln4_firmware 3.83

supermicro x10dri_firmware 3.83

supermicro x10dri-t_firmware 3.83

supermicro x10drc-ln4\\+_firmware 3.83

supermicro x10drc-t4\\+_firmware 3.83

supermicro x10dri-ln4\\+_firmware 3.83

supermicro x10dri-t4\\+_firmware 3.83

supermicro x10drl-ln4_firmware 3.83

supermicro x10drl-i_firmware 3.83

supermicro x10drl-it_firmware 3.83

supermicro x10drl-c_firmware 3.83

supermicro x10drl-ct_firmware 3.83

supermicro x10drt-l_firmware 3.83

supermicro x10drt-libq_firmware 3.83

supermicro x10drt-libf_firmware 3.83

supermicro x10drt-b\\+_firmware 3.83

supermicro x10drt-h_firmware 3.83

supermicro x10drt-hibf_firmware 3.83

supermicro x10drt-ps_firmware 3.83

supermicro x10drt-p_firmware 3.83

supermicro x10drt-pt_firmware 3.83

supermicro x10drt-pibq_firmware 3.83

supermicro x10drt-pibf_firmware 3.83

supermicro x10drfr-n_firmware 3.83

supermicro x10drfr-nt_firmware 3.83

supermicro x10drfr_firmware 3.83

supermicro x10drfr-t_firmware 3.83

supermicro x10drff-cg_firmware 3.83

supermicro x10drff-ctg_firmware 3.83

supermicro x10drff-ig_firmware 3.83

supermicro x10drff-itg_firmware 3.83

supermicro x10drff_firmware 3.83

supermicro x10drff-c_firmware 3.83

supermicro x10drw-n_firmware 3.83

supermicro x10drw-nt_firmware 3.83

supermicro x10drw-e_firmware 3.83

supermicro x10drw-et_firmware 3.83

supermicro x10drw-i_firmware 3.83

supermicro x10drw-it_firmware 3.83

supermicro x10dsn-ts_firmware 3.83

supermicro x10drg-ot\\+-cpu_firmware 3.83

supermicro x10drg-o\\+-cpu_firmware 3.83

supermicro x10dgo-t_firmware 3.83

supermicro x10dgq_firmware 3.83

supermicro x10drg-q_firmware 3.83

supermicro x10drg-h_firmware 3.83

supermicro x10drg-ht_firmware 3.83

supermicro x10dru-i\\+_firmware 3.83

supermicro x10dru-x_firmware 3.83

supermicro x10dru-xll_firmware 3.83

supermicro x10dsc\\+_firmware 3.83

supermicro x10sra-f_firmware 3.83

supermicro x10sra_firmware 3.83

supermicro x10srd-f_firmware 3.83

supermicro x10srm-f_firmware 3.83

supermicro x10srm-tf_firmware 3.83

supermicro x10srl-f_firmware 3.83

supermicro x10sri-f_firmware 3.83

supermicro x10srh-cf_firmware 3.83

supermicro x10srh-cln4f_firmware 3.83

supermicro x10srg-f_firmware 3.83

supermicro x10srw-f_firmware 3.83

supermicro x10sae_firmware 3.83

supermicro x10sat_firmware 3.83

supermicro x10slx-f_firmware 3.83

supermicro x10sld-f_firmware 3.83

supermicro x10sld-hf_firmware 3.83

supermicro x10sle-f_firmware 3.83

supermicro x10sle-hf_firmware 3.83

supermicro x10sle-df_firmware 3.83

supermicro x10sl7-f_firmware 3.83

supermicro x10sla-f_firmware 3.83

supermicro x10slh-f_firmware 3.83

supermicro x10sll\\+-f_firmware 3.83

supermicro x10sll-f_firmware 3.83

supermicro x10sll-sf_firmware 3.83

supermicro x10sll-s_firmware 3.83

supermicro x10slm-f_firmware 3.83

supermicro x10slm\\+-f_firmware 3.83

supermicro x10slm\\+-ln4f_firmware 3.83

supermicro x10sde-df_firmware 3.68

supermicro x10sdd-16c-f_firmware 3.68

supermicro x10sdd-f_firmware 3.68

supermicro b1sd1-16c-tf_firmware 3.68

supermicro b1sd1-tf_firmware 3.68

supermicro b1sd2-16c-tf_firmware 3.68

supermicro b1sd2-tf_firmware 3.68

supermicro b10drc_firmware 3.68

supermicro b10drc-n_firmware 3.68

supermicro b10dri_firmware 3.68

supermicro b10dri-n_firmware 3.68

supermicro b10drg-ibf_firmware 3.68

supermicro b10drg-ibf2_firmware 3.68

supermicro b10drg-tp_firmware 3.68

supermicro b10drt_firmware 3.68

supermicro b10drt-ibf_firmware 3.68

supermicro b10drt-ibf2_firmware 3.68

supermicro b10drt-tp_firmware 3.68

supermicro x10qrh\\+_firmware 3.80

supermicro x10qbl-4_firmware 3.80

supermicro x10qbl-4ct_firmware 3.80

supermicro x10qbl_firmware 3.80

supermicro x10qbl-ct_firmware 3.80

supermicro x10qbi_firmware 3.81

supermicro x10obi-cpu_firmware 3.83

supermicro x10dbt-t_firmware 3.83

supermicro x10sdv-7tp8f_firmware 3.83

supermicro x10sdv-7tp4f_firmware 3.83

supermicro x10sdv-2c-7tp4f_firmware 3.83

supermicro x10sdv-4c-7tp4f_firmware 3.83

supermicro x10sdv-2c-tp4f_firmware 3.83

supermicro x10sdv-4c\\+-tp4f_firmware 3.83

supermicro x10sdv-2c-tp8f_firmware 3.83

supermicro x10sdv-tp8f_firmware 3.83

supermicro x10sdv-f_firmware 3.83

supermicro x10sdv-tln4f_firmware 3.83

supermicro x10sdv-8c-tln4f_firmware 3.83

supermicro x10sdv-6c-tln4f_firmware 3.83

supermicro x10sdv-2c-tln2f_firmware 3.83

supermicro x10sdv-4c-tln2f_firmware 3.83

supermicro x10sdv-4c-tln4f_firmware 3.83

supermicro x10sdv-4c\\+-tln4f_firmware 3.83

supermicro x10sdv-6c\\+-tln4f_firmware 3.83

supermicro x10sdv-8c-tln4f\\+_firmware 3.83

supermicro x10sdv-8c\\+-ln2f_firmware 3.83

supermicro x10sdv-12c-tln4f_firmware 3.83

supermicro x10sdv-12c-tln4f\\+_firmware 3.83

supermicro x10sdv-12c\\+-tln4f_firmware 3.83

supermicro x10sdv-16c\\+-tln4f_firmware 3.83

supermicro x10sdv-16c-tln4f\\+_firmware 3.83

supermicro x10sdv-16c-tln4f_firmware 3.83

supermicro a1srm-ln7f-2358_firmware 3.83

supermicro a1srm-ln7f-2758_firmware 3.83

supermicro a1srm-ln5f-2358_firmware 3.83

supermicro a1sa2-2750f_firmware 3.83

supermicro a1sam-2750f_firmware 3.83

supermicro a1sam-2550f_firmware 3.83

supermicro a1srm-2758f_firmware 3.83

supermicro a1srm-2558f_firmware 3.83

supermicro a1sai-2750f_firmware 3.83

supermicro a1sai-2550f_firmware 3.83

supermicro a1sri-2758f_firmware 3.83

supermicro a1sri-2558f_firmware 3.83

supermicro a1sri-2358f_firmware 3.83

supermicro m11sdv-8c\\+-ln4f_firmware 3.15

supermicro m11sdv-8c-ln4f_firmware 3.15

supermicro m11sdv-8ct-ln4f_firmware 3.15

supermicro m11sdv-4c-ln4f_firmware 3.15

supermicro m11sdv-4ct-ln4f_firmware 3.15

supermicro x9drg-h\\(t\\)f_firmware 3.3

supermicro x9drh-7\\/i\\(t\\)f_firmware 3.3

supermicro x9dr3\\/i-f_firmware 3.3

supermicro x9drt-h_series_firmware 3.3

supermicro x9drt_series_firmware 3.3

supermicro x9dr3\\/i-ln4f\\+_firmware 3.3

supermicro x9drd-7ln4f_series_firmware 3.3

supermicro x9drd-ef_firmware 3.3

supermicro x9drl-3\\/if_firmware 3.3

supermicro x9drw-3ln4f\\+\\/3tf\\+_firmware 3.3

supermicro x9drw-3\\/if_firmware 3.3

supermicro x9drw-7\\/itpf\\+_firmware 3.3

supermicro x9dbl-3\\/i\\(f\\)_firmware 3.3

supermicro x9da7\\/e_firmware 3.3

supermicro x9dai_firmware 3.3

supermicro x9db3\\/i-\\(tp\\)f_firmware 3.3

supermicro x9dbs-f\\(-2u\\)_firmware 3.3

supermicro x9dbu-3\\/if_firmware 3.3

supermicro x9dr7\\/e-ln4f_firmware 3.3

supermicro x9dr7\\/e-tf\\+_firmware 3.3

supermicro x9dr7-jln4f_firmware 3.3

supermicro x9drd-l\\/if_firmware 3.3

supermicro x9drd-it\\+_firmware 3.3

supermicro x9drd-c\\(n\\)t\\+_firmware 3.3

supermicro x9drfr_firmware 3.3

supermicro x9drff\\(-7\\)_firmware 3.3

supermicro x9drff-7\\/i\\(t\\)\\+_firmware 3.3

supermicro x9drff-7\\/i\\(t\\)g\\+_firmware 3.3

supermicro x9drg-h\\(t\\)f\\+_firmware 3.3

supermicro x9drg-h\\(t\\)f\\+ii_firmware 3.3

supermicro x9drg-qf_firmware 3.3

supermicro x9drg-o\\(t\\)f-cpu_firmware 3.3

supermicro x9drl-7\\/ef_firmware 3.3

supermicro x9drt-p_series_firmware 3.3

supermicro x9drt-hf\\+_firmware 3.3

supermicro x9drw-c\\(t\\)f31_firmware 3.3

supermicro x9drw-7\\/itpf_firmware 3.3

supermicro x9drh-if-nv_firmware 3.3

supermicro x9drx\\+-f_firmware 3.3

supermicro x9dax-7\\/i\\(t\\)f_firmware 3.3

supermicro x9dax-7\\/if-hft_firmware 3.3

supermicro x9dal-3\\/i_firmware 3.3

supermicro x9sre\\/i_series_firmware 3.3

supermicro x9srh-7\\(t\\)f_firmware 3.3

supermicro x9srd-f_firmware 3.3

supermicro x9srw-f_firmware 3.3

supermicro x9srg-f_firmware 3.3

supermicro x9srl\\(-f\\)_firmware 3.3

supermicro x9sra_firmware 3.3

supermicro x9sae\\(-v\\)_firmware 2.3

supermicro x9scl\\+-f_firmware 2.3

supermicro x9scl\\(-f\\)_firmware 2.3

supermicro x9scm\\(-f\\)_firmware 2.3

supermicro x9scd_series_firmware 2.3

supermicro x9sca\\(-f\\)_firmware 2.3

supermicro x9sci-ln4\\(f\\)_firmware 2.3

supermicro x9qri-f_firmware 3.3

supermicro x9qr7-tf_firmware 3.3

supermicro x9qri-f\\+_firmware 3.3

supermicro x9qr7-tf\\+_firmware 3.3

supermicro b9dri_firmware 3.3

supermicro b9dr7_firmware 3.3

supermicro b9drp_firmware 3.3

supermicro b9drg-3m_firmware 3.3

supermicro b9drg-e_firmware 3.3

supermicro b9drg_firmware 3.3

supermicro b9drt_firmware 3.3

supermicro b9qr7\\(-tp\\)_firmware 3.3

References

CWE-287CWE-326CWE-522https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/https://www.supermicro.com/support/security_BMC_virtual_media.cfmhttps://github.com/eclypsium/USBAnywherehttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook