Description
The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands.
References (2)
Core 2
Core References
Product
http://supermicro.com
Vendor Advisory
https://www.supermicro.com/en/support/security_BMC_Dec_2023
Scores
CVSS v3
8.8
EPSS
0.0101
EPSS Percentile
58.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (50)
supermicro/b12dpe-6_firmware
< 3.17.02
supermicro/b12dpt-6_firmware
< 3.17.02
supermicro/b12spe-cpu-25g_firmware
< 3.17.02
supermicro/b13dee_firmware
< 3.17.02
supermicro/b13det_firmware
< 3.17.02
supermicro/b13see-cpu-25g_firmware
< 3.17.02
supermicro/b13seg_firmware
< 3.17.02
supermicro/c9x299-pg300_firmware
< 3.17.02
supermicro/c9x299-pg300f_firmware
< 3.17.02
supermicro/c9x299-pg_firmware
< 3.17.02
... and 40 more
Published
Dec 07, 2023
Tracked Since
Feb 18, 2026