Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-3609

The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR* devices relies on JavaScript code on the client for authorization checks, which allows remote authenticated users to bypass intended access restrictions via a crafted request, related to the PrivilegeCallBack function.

Published

2013-09-08T03:17:39.603

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-20
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Hardware supermicro h8dcl-6f - Yes
Hardware supermicro h8dcl-if - Yes
Hardware supermicro h8dct-hibqf - Yes
Hardware supermicro h8dct-hln4f - Yes
Hardware supermicro h8dct-ibqf - Yes
Hardware supermicro h8dg6-f - Yes
Hardware supermicro h8dgg-qf - Yes
Hardware supermicro h8dgi-f - Yes
Hardware supermicro h8dgt-hf - Yes
Hardware supermicro h8dgt-hibqf - Yes
Hardware supermicro h8dgt-hlf - Yes
Hardware supermicro h8dgt-hlibqf - Yes
Hardware supermicro h8dgu-f - Yes
Hardware supermicro h8dgu-ln4f\+ - Yes
Hardware supermicro h8scm-f - Yes
Hardware supermicro h8sgl-f - Yes
Hardware supermicro h8sme-f - Yes
Hardware supermicro h8sml-7 - Yes
Hardware supermicro h8sml-7f - Yes
Hardware supermicro h8sml-i - Yes
Hardware supermicro h8sml-if - Yes
Hardware supermicro x7spa-hf - Yes
Hardware supermicro x7spa-hf-d525 - Yes
Hardware supermicro x7spe-h-d525 - Yes
Hardware supermicro x7spe-hf - Yes
Hardware supermicro x7spe-hf-d525 - Yes
Hardware supermicro x7spt-df-d525 - Yes
Hardware supermicro x7spt-df-d525\+ - Yes
Hardware supermicro x8dtl-3f - Yes
Hardware supermicro x8dtl-6f - Yes
Hardware supermicro x8dtl-if - Yes
Hardware supermicro x8dtn\+-f - Yes
Hardware supermicro x8dtn\+-f-lr - Yes
Hardware supermicro x8dtu-6f\+ - Yes
Hardware supermicro x8dtu-6f\+-lr - Yes
Hardware supermicro x8dtu-6tf\+ - Yes
Hardware supermicro x8dtu-6tf\+-lr - Yes
Hardware supermicro x8dtu-ln4f\+ - Yes
Hardware supermicro x8dtu-ln4f\+-lr - Yes
Hardware supermicro x8si6-f - Yes
Hardware supermicro x8sia-f - Yes
Hardware supermicro x8sie-f - Yes
Hardware supermicro x8sie-ln4f - Yes
Hardware supermicro x8sil-f - Yes
Hardware supermicro x8sit-f - Yes
Hardware supermicro x8sit-hf - Yes
Hardware supermicro x8siu-f - Yes
Hardware supermicro x9dax-7f - Yes
Hardware supermicro x9dax-7f-hft - Yes
Hardware supermicro x9dax-7tf - Yes
Hardware supermicro x9dax-if - Yes
Hardware supermicro x9dax-if-hft - Yes
Hardware supermicro x9dax-itf - Yes
Hardware supermicro x9db3-f - Yes
Hardware supermicro x9db3-tpf - Yes
Hardware supermicro x9dbi-f - Yes
Hardware supermicro x9dbi-tpf - Yes
Hardware supermicro x9dbl-3f - Yes
Hardware supermicro x9dbl-if - Yes
Hardware supermicro x9dbu-3f - Yes
Hardware supermicro x9dbu-if - Yes
Hardware supermicro x9dr3-f - Yes
Hardware supermicro x9dr3-ln4f\+ - Yes
Hardware supermicro x9dr7-ln4f - Yes
Hardware supermicro x9dr7-ln4f-jbod - Yes
Hardware supermicro x9dr7-tf\+ - Yes
Hardware supermicro x9drd-7jln4f - Yes
Hardware supermicro x9drd-7ln4f - Yes
Hardware supermicro x9drd-7ln4f-jbod - Yes
Hardware supermicro x9drd-ef - Yes
Hardware supermicro x9drd-if - Yes
Hardware supermicro x9dre-ln4f - Yes
Hardware supermicro x9dre-tf\+ - Yes
Hardware supermicro x9drff - Yes
Hardware supermicro x9drff-7 - Yes
Hardware supermicro x9drff-7\+ - Yes
Hardware supermicro x9drff-7g\+ - Yes
Hardware supermicro x9drff-7t\+ - Yes
Hardware supermicro x9drff-7tg\+ - Yes
Hardware supermicro x9drff-i\+ - Yes
Hardware supermicro x9drff-ig\+ - Yes
Hardware supermicro x9drff-it\+ - Yes
Hardware supermicro x9drff-itg\+ - Yes
Hardware supermicro x9drfr - Yes
Hardware supermicro x9drg-hf - Yes
Hardware supermicro x9drg-hf\+ - Yes
Hardware supermicro x9drg-htf - Yes
Hardware supermicro x9drg-htf\+ - Yes
Hardware supermicro x9drh-7f - Yes
Hardware supermicro x9drh-7tf - Yes
Hardware supermicro x9drh-if - Yes
Hardware supermicro x9drh-itf - Yes
Hardware supermicro x9dri-f - Yes
Hardware supermicro x9dri-ln4f\+ - Yes
Hardware supermicro x9drl-3f - Yes
Hardware supermicro x9drl-ef - Yes
Hardware supermicro x9drl-if - Yes
Hardware supermicro x9drt-f - Yes
Hardware supermicro x9drt-h6f - Yes
Hardware supermicro x9drt-h6ibff - Yes
Hardware supermicro x9drt-h6ibqf - Yes
Hardware supermicro x9drt-hf\+ - Yes
Hardware supermicro x9drt-ibff - Yes
Hardware supermicro x9drt-ibqf - Yes
Hardware supermicro x9drw-3ln4f\+ - Yes
Hardware supermicro x9drw-3tf\+ - Yes
Hardware supermicro x9drw-7tpf\+ - Yes
Hardware supermicro x9drw-itpf\+ - Yes
Hardware supermicro x9drx\+-f - Yes
Hardware supermicro x9qr7-tf - Yes
Hardware supermicro x9qr7-tf\+ - Yes
Hardware supermicro x9qr7-tf-jbod - Yes
Hardware supermicro x9qri-f - Yes
Hardware supermicro x9qri-f\+ - Yes
Hardware supermicro x9sbaa-f - Yes
Hardware supermicro x9sca-f - Yes
Hardware supermicro x9scd-f - Yes
Hardware supermicro x9sce-f - Yes
Hardware supermicro x9scff-f - Yes
Hardware supermicro x9sci-ln4f - Yes
Hardware supermicro x9scl\+-f - Yes
Hardware supermicro x9scl-f - Yes
Hardware supermicro x9scm-f - Yes
Hardware supermicro x9scm-iif - Yes
Hardware supermicro x9spu-f - Yes
Hardware supermicro x9srd-f - Yes
Hardware supermicro x9sre-3f - Yes
Hardware supermicro x9sre-f - Yes
Hardware supermicro x9srg-f - Yes
Hardware supermicro x9sri-3f - Yes
Hardware supermicro x9sri-f - Yes
Hardware supermicro x9srl-f - Yes
Hardware supermicro x9srw-f - Yes
References