CVE-2024-42934
MEDIUMOpenIPMI < 2.0.36 - Denial of Service via Out-of-Bounds Array Access in ipmi_sim
Title source: llmDescription
OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with very low probability) authentication bypass or code execution.
References (3)
Core 3
Scores
CVSS v3
5.0
EPSS
0.0040
EPSS Percentile
31.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-862
Status
published
Published
Oct 09, 2024
Tracked Since
Feb 18, 2026