CVE Vulnerabilities

CVE-2023-34335

Authentication Bypass Using an Alternate Path or Channel

Published: Jun 12, 2023 | Modified: Nov 21, 2024
CVSS 3.x
9.1
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability may lead to a loss of integrity or denial of service.

 

Weakness

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

Affected Software

Name Vendor Start Version End Version
Megarac_spx Ami 12.0 (including) 12.7 (excluding)
Megarac_spx Ami 13.0 (including) 13.5 (excluding)

Potential Mitigations

References