Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43309

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.5, requiring local system access to exploit with relatively low complexity without requiring user interaction requiring only low-level privileges . The vulnerability impacts integrity (unauthorized modifications), for affected systems. Impacting 292 products from supermicro, from supermicro, from supermicro and 289 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-04-07T21:15:06.827

Last Modified

2025-02-11T21:15:09.697

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-732
Type: Secondary
CWE-732

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	supermicro	x11ssl-cf_firmware	1.63	Yes
Hardware	supermicro	x11ssl-cf	-	No
Operating System	supermicro	x11dac_firmware	-	Yes
Hardware	supermicro	x11dac	-	No
Operating System	supermicro	x11dai-n_firmware	-	Yes
Hardware	supermicro	x11dai-n	-	No
Operating System	supermicro	x11ddw-l_firmware	-	Yes
Hardware	supermicro	x11ddw-l	-	No
Operating System	supermicro	x11ddw-nt_firmware	-	Yes
Hardware	supermicro	x11ddw-nt	-	No
Operating System	supermicro	x11dgo-t_firmware	-	Yes
Hardware	supermicro	x11dgo-t	-	No
Operating System	supermicro	x11dgq_firmware	-	Yes
Hardware	supermicro	x11dgq	-	No
Operating System	supermicro	x11dpff-sn_firmware	-	Yes
Hardware	supermicro	x11dpff-sn	-	No
Operating System	supermicro	x11dpfr-s_firmware	-	Yes
Hardware	supermicro	x11dpfr-s	-	No
Operating System	supermicro	x11dpfr-sn_firmware	-	Yes
Hardware	supermicro	x11dpfr-sn	-	No
Operating System	supermicro	x11dpg-ot-cpu_firmware	-	Yes
Hardware	supermicro	x11dpg-ot-cpu	-	No
Operating System	supermicro	x11dpg-qt_firmware	-	Yes
Hardware	supermicro	x11dpg-qt	-	No
Operating System	supermicro	x11dpg-sn_firmware	-	Yes
Hardware	supermicro	x11dpg-sn	-	No
Operating System	supermicro	x11dph-i_firmware	-	Yes
Hardware	supermicro	x11dph-i	-	No
Operating System	supermicro	x11dph-t_firmware	-	Yes
Hardware	supermicro	x11dph-t	-	No
Operating System	supermicro	x11dph-tq_firmware	-	Yes
Hardware	supermicro	x11dph-tq	-	No
Operating System	supermicro	x11dpi-n_firmware	-	Yes
Hardware	supermicro	x11dpi-n	-	No
Operating System	supermicro	x11dpi-nt_firmware	-	Yes
Hardware	supermicro	x11dpi-nt	-	No
Operating System	supermicro	x11dpl-i_firmware	-	Yes
Hardware	supermicro	x11dpl-i	-	No
Operating System	supermicro	x11dps-re_firmware	-	Yes
Hardware	supermicro	x11dps-re	-	No
Operating System	supermicro	x11dpt-b_firmware	-	Yes
Hardware	supermicro	x11dpt-b	-	No
Operating System	supermicro	x11dpt-bh_firmware	-	Yes
Hardware	supermicro	x11dpt-bh	-	No
Operating System	supermicro	x11dpt-l_firmware	-	Yes
Hardware	supermicro	x11dpt-l	-	No
Operating System	supermicro	x11dpt-ps_firmware	-	Yes
Hardware	supermicro	x11dpt-ps	-	No
Operating System	supermicro	x11dpu_firmware	-	Yes
Hardware	supermicro	x11dpu	-	No
Operating System	supermicro	x11dpu-v_firmware	-	Yes
Hardware	supermicro	x11dpu-v	-	No
Operating System	supermicro	x11dpu-x_firmware	-	Yes
Hardware	supermicro	x11dpu-x	-	No
Operating System	supermicro	x11dpu-xll_firmware	-	Yes
Hardware	supermicro	x11dpu-xll	-	No
Operating System	supermicro	x11dpu-z\+_firmware	-	Yes
Hardware	supermicro	x11dpu-z\+	-	No
Operating System	supermicro	x11dpu-ze\+_firmware	-	Yes
Hardware	supermicro	x11dpu-ze\+	-	No
Operating System	supermicro	x11dpx-t_firmware	-	Yes
Hardware	supermicro	x11dpx-t	-	No
Operating System	supermicro	x11dsc\+_firmware	-	Yes
Hardware	supermicro	x11dsc\+	-	No
Operating System	supermicro	x11dsf-e_firmware	-	Yes
Hardware	supermicro	x11dsf-e	-	No
Operating System	supermicro	x11dsn-ts_firmware	-	Yes
Hardware	supermicro	x11dsn-ts	-	No
Operating System	supermicro	x11dsn-tsq_firmware	-	Yes
Hardware	supermicro	x11dsn-tsq	-	No
Operating System	supermicro	x11opi-cpu_firmware	-	Yes
Hardware	supermicro	x11opi-cpu	-	No
Operating System	supermicro	x11qph\+_firmware	-	Yes
Hardware	supermicro	x11qph\+	-	No
Operating System	supermicro	x11sae_firmware	-	Yes
Hardware	supermicro	x11sae	-	No
Operating System	supermicro	x11sae_m_firmware	-	Yes
Hardware	supermicro	x11sae_m	-	No
Operating System	supermicro	x11sat_firmware	-	Yes
Hardware	supermicro	x11sat	-	No
Operating System	supermicro	x11sba_firmware	-	Yes
Hardware	supermicro	x11sba	-	No
Operating System	supermicro	x11sca_firmware	-	Yes
Hardware	supermicro	x11sca	-	No
Operating System	supermicro	x11sca-f_firmware	-	Yes
Hardware	supermicro	x11sca-f	-	No
Operating System	supermicro	x11sca-w_firmware	-	Yes
Hardware	supermicro	x11sca-w	-	No
Operating System	supermicro	x11scd-f_firmware	-	Yes
Hardware	supermicro	x11scd-f	-	No
Operating System	supermicro	x11sch-f_firmware	-	Yes
Hardware	supermicro	x11sch-f	-	No
Operating System	supermicro	x11sch-ln4f_firmware	-	Yes
Hardware	supermicro	x11sch-ln4f	-	No
Operating System	supermicro	x11scl-f_firmware	-	Yes
Hardware	supermicro	x11scl-f	-	No
Operating System	supermicro	x11scl-if_firmware	-	Yes
Hardware	supermicro	x11scl-if	-	No
Operating System	supermicro	x11scl-ln4f_firmware	-	Yes
Hardware	supermicro	x11scl-ln4f	-	No
Operating System	supermicro	x11scm-f_firmware	-	Yes
Hardware	supermicro	x11scm-f	-	No
Operating System	supermicro	x11scm-ln8f_firmware	-	Yes
Hardware	supermicro	x11scm-ln8f	-	No
Operating System	supermicro	x11scw-f_firmware	-	Yes
Hardware	supermicro	x11scw-f	-	No
Operating System	supermicro	x11sdd-18c-f_firmware	-	Yes
Hardware	supermicro	x11sdd-18c-f	-	No
Operating System	supermicro	x11sdd-8c-f_firmware	-	Yes
Hardware	supermicro	x11sdd-8c-f	-	No
Operating System	supermicro	x11sds-12c_firmware	-	Yes
Hardware	supermicro	x11sds-12c	-	No
Operating System	supermicro	x11sds-16c_firmware	-	Yes
Hardware	supermicro	x11sds-16c	-	No
Operating System	supermicro	x11sds-8c_firmware	-	Yes
Hardware	supermicro	x11sds-8c	-	No
Operating System	supermicro	x11spa-t_firmware	-	Yes
Hardware	supermicro	x11spa-t	-	No
Operating System	supermicro	x11spa-tf_firmware	-	Yes
Hardware	supermicro	x11spa-tf	-	No
Operating System	supermicro	x11spg-tf_firmware	-	Yes
Hardware	supermicro	x11spg-tf	-	No
Operating System	supermicro	x11sph-nctf_firmware	-	Yes
Hardware	supermicro	x11sph-nctf	-	No
Operating System	supermicro	x11sph-nctpf_firmware	-	Yes
Hardware	supermicro	x11sph-nctpf	-	No
Operating System	supermicro	x11spi-tf_firmware	-	Yes
Hardware	supermicro	x11spi-tf	-	No
Operating System	supermicro	x11spl-f_firmware	-	Yes
Hardware	supermicro	x11spl-f	-	No
Operating System	supermicro	x11spm-f_firmware	-	Yes
Hardware	supermicro	x11spm-f	-	No
Operating System	supermicro	x11spm-tf_firmware	-	Yes
Hardware	supermicro	x11spm-tf	-	No
Operating System	supermicro	x11spm-tpf_firmware	-	Yes
Hardware	supermicro	x11spm-tpf	-	No
Operating System	supermicro	x11spw-ctf_firmware	-	Yes
Hardware	supermicro	x11spw-ctf	-	No
Operating System	supermicro	x11spw-tf_firmware	-	Yes
Hardware	supermicro	x11spw-tf	-	No
Operating System	supermicro	x11sra_firmware	-	Yes
Hardware	supermicro	x11sra	-	No
Operating System	supermicro	x11sri-if_firmware	-	Yes
Hardware	supermicro	x11sri-if	-	No
Operating System	supermicro	x11srl-f_firmware	-	Yes
Hardware	supermicro	x11srl-f	-	No
Operating System	supermicro	x11srm_firmware	-	Yes
Hardware	supermicro	x11srm	-	No
Operating System	supermicro	x11srm-f_firmware	-	Yes
Hardware	supermicro	x11srm-f	-	No
Operating System	supermicro	x11srm-vf_firmware	-	Yes
Hardware	supermicro	x11srm-vf	-	No
Operating System	supermicro	x11ssd-f_firmware	-	Yes
Hardware	supermicro	x11ssd-f	-	No
Operating System	supermicro	x11sse-f_firmware	-	Yes
Hardware	supermicro	x11sse-f	-	No
Operating System	supermicro	x11ssh-ctf_firmware	-	Yes
Hardware	supermicro	x11ssh-ctf	-	No
Operating System	supermicro	x11ssh-f_firmware	-	Yes
Hardware	supermicro	x11ssh-f	-	No
Operating System	supermicro	x11ssh-gf-1585_firmware	-	Yes
Hardware	supermicro	x11ssh-gf-1585	-	No
Operating System	supermicro	x11ssh-gf-1585l_firmware	-	Yes
Hardware	supermicro	x11ssh-gf-1585l	-	No
Operating System	supermicro	x11ssh-gtf-1585_firmware	-	Yes
Hardware	supermicro	x11ssh-gtf-1585	-	No
Operating System	supermicro	x11ssh-gtf-1585l_firmware	-	Yes
Hardware	supermicro	x11ssh-gtf-1585l	-	No
Operating System	supermicro	x11ssh-ln4f_firmware	-	Yes
Hardware	supermicro	x11ssh-ln4f	-	No
Operating System	supermicro	x11ssh-tf_firmware	-	Yes
Hardware	supermicro	x11ssh-tf	-	No
Operating System	supermicro	x11ssi-ln4f_firmware	-	Yes
Hardware	supermicro	x11ssi-ln4f	-	No
Operating System	supermicro	x11ssl_firmware	-	Yes
Hardware	supermicro	x11ssl	-	No
Operating System	supermicro	x11ssl-cf_firmware	-	Yes
Hardware	supermicro	x11ssl-cf	-	No
Operating System	supermicro	x11ssl-f_firmware	-	Yes
Hardware	supermicro	x11ssl-f	-	No
Operating System	supermicro	x11ssl-nf_firmware	-	Yes
Hardware	supermicro	x11ssl-nf	-	No
Operating System	supermicro	x11ssm_firmware	-	Yes
Hardware	supermicro	x11ssm	-	No
Operating System	supermicro	x11ssm-f_firmware	-	Yes
Hardware	supermicro	x11ssm-f	-	No
Operating System	supermicro	x11ssn_firmware	-	Yes
Hardware	supermicro	x11ssn	-	No
Operating System	supermicro	x11ssq_firmware	-	Yes
Hardware	supermicro	x11ssq	-	No
Operating System	supermicro	x11ssql_firmware	-	Yes
Hardware	supermicro	x11ssql	-	No
Operating System	supermicro	x11ssv-lvds_firmware	-	Yes
Hardware	supermicro	x11ssv-lvds	-	No
Operating System	supermicro	x11ssv-q_firmware	-	Yes
Hardware	supermicro	x11ssv-q	-	No
Operating System	supermicro	x11ssw-4tf_firmware	-	Yes
Hardware	supermicro	x11ssw-4tf	-	No
Operating System	supermicro	x11ssw-f_firmware	-	Yes
Hardware	supermicro	x11ssw-f	-	No
Operating System	supermicro	x11ssw-tf_firmware	-	Yes
Hardware	supermicro	x11ssw-tf	-	No
Operating System	supermicro	x11ssz-f_firmware	-	Yes
Hardware	supermicro	x11ssz-f	-	No
Operating System	supermicro	x11ssz-tln4f_firmware	-	Yes
Hardware	supermicro	x11ssz-tln4f	-	No
Operating System	supermicro	x12dai-n6_firmware	-	Yes
Hardware	supermicro	x12dai-n6	-	No
Operating System	supermicro	x12ddw-a6_firmware	-	Yes
Hardware	supermicro	x12ddw-a6	-	No
Operating System	supermicro	x12dpg-qt6_firmware	-	Yes
Hardware	supermicro	x12dpg-qt6	-	No
Operating System	supermicro	x12dpi-n6_firmware	-	Yes
Hardware	supermicro	x12dpi-n6	-	No
Operating System	supermicro	x12dpi-nt6_firmware	-	Yes
Hardware	supermicro	x12dpi-nt6	-	No
Operating System	supermicro	x12dpl-i6_firmware	-	Yes
Hardware	supermicro	x12dpl-i6	-	No
Operating System	supermicro	x12dpl-nt6_firmware	-	Yes
Hardware	supermicro	x12dpl-nt6	-	No
Operating System	supermicro	x12spa-tf_firmware	-	Yes
Hardware	supermicro	x12spa-tf	-	No
Operating System	supermicro	x12spi-tf_firmware	-	Yes
Hardware	supermicro	x12spi-tf	-	No
Operating System	supermicro	x12spl-f_firmware	-	Yes
Hardware	supermicro	x12spl-f	-	No
Operating System	supermicro	x12spl-ln4f_firmware	-	Yes
Hardware	supermicro	x12spl-ln4f	-	No
Operating System	supermicro	x12spm-ln4f_firmware	-	Yes
Hardware	supermicro	x12spm-ln4f	-	No
Operating System	supermicro	x12spm-ln6tf_firmware	-	Yes
Hardware	supermicro	x12spm-ln6tf	-	No
Operating System	supermicro	x12spm-tf_firmware	-	Yes
Hardware	supermicro	x12spm-tf	-	No
Operating System	supermicro	x12spo-f_firmware	-	Yes
Hardware	supermicro	x12spo-f	-	No
Operating System	supermicro	x12spo-ntf_firmware	-	Yes
Hardware	supermicro	x12spo-ntf	-	No
Operating System	supermicro	x12spw-f_firmware	-	Yes
Hardware	supermicro	x12spw-f	-	No
Operating System	supermicro	x12spw-tf_firmware	-	Yes
Hardware	supermicro	x12spw-tf	-	No
Operating System	supermicro	x12spz-ln4f_firmware	-	Yes
Hardware	supermicro	x12spz-ln4f	-	No
Operating System	supermicro	x12spz-spln6f_firmware	-	Yes
Hardware	supermicro	x12spz-spln6f	-	No
Operating System	supermicro	h12ssg-anp6_firmware	-	Yes
Hardware	supermicro	h12ssg-anp6	-	No
Operating System	supermicro	h12ssw-in_firmware	-	Yes
Hardware	supermicro	h12ssw-in	-	No
Operating System	supermicro	h12ssw-nt_firmware	-	Yes
Hardware	supermicro	h12ssw-nt	-	No
Operating System	supermicro	h12ssw-inl_firmware	-	Yes
Hardware	supermicro	h12ssw-inl	-	No
Operating System	supermicro	h12ssw-ntl_firmware	-	Yes
Hardware	supermicro	h12ssw-ntl	-	No
Operating System	supermicro	h12sst-ps_firmware	-	Yes
Hardware	supermicro	h12sst-ps	-	No
Operating System	supermicro	h12ssl-i_firmware	-	Yes
Hardware	supermicro	h12ssl-i	-	No
Operating System	supermicro	h12ssl-c_firmware	-	Yes
Hardware	supermicro	h12ssl-c	-	No
Operating System	supermicro	h12ssl-ct_firmware	-	Yes
Hardware	supermicro	h12ssl-ct	-	No
Operating System	supermicro	h12ssl-nt_firmware	-	Yes
Hardware	supermicro	h12ssl-nt	-	No
Operating System	supermicro	h12ssw-inr_firmware	-	Yes
Hardware	supermicro	h12ssw-inr	-	No
Operating System	supermicro	h12ssw-ntr_firmware	-	Yes
Hardware	supermicro	h12ssw-ntr	-	No
Operating System	supermicro	h12ssff-an6_firmware	-	Yes
Hardware	supermicro	h12ssff-an6	-	No
Operating System	supermicro	h12dsu-in_firmware	-	Yes
Hardware	supermicro	h12dsu-in	-	No
Operating System	supermicro	h12dst-b_firmware	-	Yes
Hardware	supermicro	h12dst-b	-	No
Operating System	supermicro	h12dsu-inr_firmware	-	Yes
Hardware	supermicro	h12dsu-inr	-	No
Operating System	supermicro	h12dgo-6_firmware	-	Yes
Hardware	supermicro	h12dgo-6	-	No
Operating System	supermicro	h12dsg-o-cpu_firmware	-	Yes
Hardware	supermicro	h12dsg-o-cpu	-	No
Operating System	supermicro	h12dsi-n6_firmware	-	Yes
Hardware	supermicro	h12dsi-n6	-	No
Operating System	supermicro	h12dsi-nt6_firmware	-	Yes
Hardware	supermicro	h12dsi-nt6	-	No
Operating System	supermicro	h11dsi_firmware	-	Yes
Hardware	supermicro	h11dsi	-	No
Operating System	supermicro	h11dsi-nt_firmware	-	Yes
Hardware	supermicro	h11dsi-nt	-	No
Operating System	supermicro	h11dst-b_firmware	-	Yes
Hardware	supermicro	h11dst-b	-	No
Operating System	supermicro	h11dsu-in_firmware	-	Yes
Hardware	supermicro	h11dsu-in	-	No

References

http://supermicro.com Product ([email protected])
http://x11ssl-cf.com Broken Link ([email protected])
https://www.supermicro.com/en/support/security_VRM_Jan_2023 Vendor Advisory ([email protected])
http://supermicro.com Product (af854a3a-2127-422b-91ae-364da2661108)
http://x11ssl-cf.com Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://www.supermicro.com/en/support/security_VRM_Jan_2023 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For supermicro's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.