AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability may lead to a loss of integrity or denial of service.
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Megarac_spx | Ami | 12.0 (including) | 12.7 (excluding) |
Megarac_spx | Ami | 13.0 (including) | 13.5 (excluding) |