CWE-121: Stack-based Buffer Overflow - CVE-2013-3607 The Supermicro IPMI web interface contains multiple buffer overflows, including one in the username and password fields of the login screen. This may allow for privileged remote code execution on the Baseboard Management Controller (BMC).
CWE-20: Improper Input Validation - CVE-2013-3608
The Supermicro IPMI web interface does not properly sanitize input, which may allow an attacker to perform shell injection attacks and execute commands as a privileged user.
CWE-269: Improper Privilege Management - CVE-2013-3609
The Supermicro IPMI web interface relies on client-side privilege validation, which may allow an attacker to perform privilege escalation attacks.
This is a list of potentially vulnerable firmwares and models:
Firmware files (30): H8DGU_V250.zip, SMT_227.zip, SMT_236.zip, SMT_243.zip, SMT_250.zip, SMT_252.zip, SMT_255.zip, SMT_257.zip, SMT_SX_266.zip, SMT_V220.zip, SMT_X9_160.zip, SMT_X9_164.zip, SMT_X9_165.zip, SMT_X9_176.zip, SMT_X9_186.zip, SMT_X9_187.zip, SMT_X9_188.zip, SMT_X9_189.zip, SMT_X9_210.zip, SMT_X9_213.zip, SMT_X9_214.zip, SMT_X9_215.zip, SMT_X9_216.zip, SMT_X9_217.zip, SMT_X9_220.zip, SMT_X9_221.zip, SMT_X9_222.zip, SMT_X9_226.zip, SMT_X9_227.zip, SMT_X9DB3_V406.zip.
Names (73): IPMI_7SPA, IPMI_7SPE, IPMI_7SPT, IPMI_7SPT-DF-D525+, IPMI_8DG6, IPMI_8DGG, IPMI_8DGTH, IPMI_8DGT-HLF/HLIBQF, IPMI_8DGU, IPMI_8DGUL, IPMI_8DTL, IPMI_8DTN+, IPMI_8DTU+, IPMI_8SGL, IPMI_8SI6, IPMI_8SIA, IPMI_8SIL, IPMI_8SIT-F, IPMI_8SIT-HF, IPMI_8SIU, IPMI_8SME-F, IPMI_8SML-7/i(F), IPMI_9DAX-7/i(T)F, IPMI_9DAX-i/7F-HFT, IPMI_9DB3/i-(TP)F, IPMI_9DBL-iF/3F, IPMI_9DR3, IPMI_9DR7/E-TF+,IPMI_9DR7-LN4F, IPMI_9DRD-7LN4F-JBOD, IPMI_9DRD-IF, IPMI_9DRFF-(7), IPMI_9DRFF-7/i(T)+, IPMI_9DRFF-7/i(T)G+, IPMI_9DRFR, IPMI_9DRG, IPMI_9DRG-H, IPMI_9DRH, IPMI_9DRi,
IPMI_9DRi/3-LN4F+, IPMI_9DRL-3/iF, IPMI_9DRL-EF, IPMI_9DRT-F, IPMI_9DRT-H6, IPMI_9DRT-HF+, IPMI_9DRT-HF/HIBFF/HIBQF, IPMI_9DRW-3, IPMI_9DRW-7/iTPF+, IPMI_9DRW-7TPF, IPMI_9DRX, IPMI_9QR7/i, IPMI_9QR7-TF, IPMI_9SBAA-F, IPMI_9SCD, IPMI_9SCE-F, IPMI_9SCFF-F, IPMI_9SCI-LN4F, IPMI_9SCM, IPMI_9SCM-iiF, IPMI_9SPU-F, IPMI_9SRD-F, IPMI_9SRE/i-(3)F, IPMI_9SRG, IPMI_9SRL, IPMI_9SRW-F, IPMI_DTU4L, IPMI_H8DCL, IPMI_H8DCT, IPMI_H8DCT-H, IPMI_SCM, IPMI_X9DBU-3F/iF, IPMI_X9DR7/E-LN4F, IPMI_X9DRD-7LN4F.
Device models (135): X9SRW-F, X9SRL-F, X9SRG-F, X9SRE-3F, X9SRE-F, X9SRi-3F, X9SRi-F, X9SRD-F, X9SPU-F, X9SCM-iiF, X9SCL+-F, X9SCL-F, X9SCM-F, X9SCI-LN4F, X9SCFF-F, X9SCE-F, X9SCA-F, X9SCD-F, X9SBAA-F, X9QR7-TF, X9QR7-TF-JBOD, X9QRi-F, X9QR7-TF+, X9QRi-F+, X9DRX+-F, X9DRX+-F, X9DRW-iTPF, X9DRW-7TPF+, X9DRW-iTPF+, X9DRW-3LN4F+, X9DRW-3TF+, X9DRT-HF+, X9DRT-H6F, X9DRT-H6IBFF,
X9DRT-H6IBQF, X9DRT-F, X9DRT-IBFF, X9DRT-IBQF, X9DRL-EF, X9DRL-3F, X9DRL-iF, X9DRi-F, X9DRH-7F, X9DRH-7TF, X9DRH-iF, X9DRH-iTF, X9DRG-HF, X9DRG-HTF, X9DRG-HF+, X9DRG-HTF+, X9DRFR, X9DRFF,
X9DRFF-7, X9DRFF-7G+, X9DRFF-7TG+, X9DRFF-iG+, X9DRFF-iTG+, X9DRFF-7+, X9DRFF-7T+, X9DRFF-i+, X9DRFF-iT+, X9DRD-iF, X9DRD-7LN4F, X9DRD-EF, X9DRD-7JLN4F, X9DRD-7LN4F-JBOD, X9DR7-TF+, X9DRE-TF+, X9DR7-LN4F, X9DRE-LN4F, X9DR7-LN4F-JBOD, X9DR3-LN4F+, X9DRi-LN4F+, X9DR3-F, X9DBU-3F, X9DBU-iF, X9DBL-3F, X9DBL-iF, X9DB3-F, X9DB3-TPF, X9DBi-F, X9DBi-TPF, X9DAX-7F, X9DAX-7TF, X9DAX-iF, X9DAX-iTF, X9DAX-7F-HFT, X9DAX-iF-HFT, X8SIU-F, X8SIT-HF, X8SIT-F, X8SIL-F, X8SIA-F, X8SI6-F, X8SIE-F, X8SIE-LN4F, X8DTU-LN4F+, X8DTU-LN4F+-LR, X8DTU-6F+, X8DTU-6F+-LR, X8DTU-6TF+, X8DTU-6TF+-LR, X8DTN+-F, X8DTN+-F-LR, X8DTL-3F, X8DTL-6F, X8DTL-IF, X7SPT-DF-D525, X7SPT-DF-D525+, X7SPA-HF, X7SPA-HF-D525, X7SPE-H-D525, X7SPE-HF, X7SPE-HF-D525, H8SML-7, H8SML-7F, H8SML-i,
H8SML-iF, H8SME-F, H8SGL-F, H8SCM-F, H8DGU-LN4F+, H8DGU-F, H8DGT-HLF, H8DGT-HLIBQF, H8DGT-HF, H8DGT-HIBQF, H8DGG-QF, H8DG6-F, H8DGi-F, H8DCT-HIBQF, H8DCT-HLN4F, H8DCT-F, H8DCT-IBQF, H8DCL-6F, H8DCL-iF. |