QwikSec

Security Database

CVE

CWE

Training

CVE-2013-3623

Published: Dec 10, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

exploit

x_refsource_EXPLOIT-DB

http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf

x_refsource_CONFIRM

https://community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilities

x_refsource_MISC

http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013

x_refsource_MISC

https://support.citrix.com/article/CTX216642

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.