8.1
CVE-2013-3619
- EPSS 9.46%
- Published 02.01.2020 18:15:11
- Last modified 21.11.2024 01:53:59
- Source cret@cert.org
- Teams watchlist Login
- Open Login
Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon.
Data is provided by the National Vulnerability Database (NVD)
Supermicro ≫ Smt X9 Firmware Version < 3.15
Supermicro ≫ Smt X8 Firmware Version < 3.12
Citrix ≫ Netscaler Sdx Firmware Version10
Citrix ≫ Netscaler Firmware Version-
Citrix ≫ Netscaler Sd-wan Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.46% | 0.92 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.