CVE-2014-2955
Raritan PX < 1.5.11 - Unauthenticated Authentication Bypass via Cipher Suite 0
Title source: llmDescription
Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jul/14
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/712660
Scores
EPSS
0.0277
EPSS Percentile
84.5%
Details
CWE
CWE-287
Status
published
Products (16)
raritan/dpxr20a-16
raritan/px
1.0
raritan/px
1.0.4
raritan/px
1.1
raritan/px
1.1.6
raritan/px
1.2
raritan/px
1.2.5
raritan/px
1.2.7
raritan/px
1.3
raritan/px
1.3.1
... and 6 more
Published
Jul 14, 2014
Tracked Since
Feb 18, 2026