10

CVE-2014-2955

Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RaritanPx Version <= 1.5.8
RaritanPx Version1.0
RaritanPx Version1.0.4
RaritanPx Version1.1
RaritanPx Version1.1.6
RaritanPx Version1.2
RaritanPx Version1.2.5
RaritanPx Version1.2.7
RaritanPx Version1.3
RaritanPx Version1.3.1
RaritanPx Version1.3.5
RaritanPx Version1.4.1
RaritanPx Version1.5
RaritanPx Version1.5.4
RaritanPx Version1.5.7
RaritanDpxr20a-16 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.68% 0.713
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.kb.cert.org/vuls/id/712660
Third Party Advisory
US Government Resource