CVE-2014-2955

Raritan PX < 1.5.8 - Authentication Bypass

Title source: rule

Description

Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

References (2)

[Mailing List] http://seclists.org/fulldisclosure/2014/Jul/14

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/712660

Scores

EPSS 0.0068

EPSS Percentile 71.4%

Classification

CWE

CWE-287

Status draft

Affected Products (16)

raritan/px < 1.5.8

raritan/px

... and 1 more

Timeline

Published Jul 14, 2014

Tracked Since Feb 18, 2026