Unrated severityNVD Advisory· Published Dec 10, 2013· Updated Apr 29, 2026

CVE-2013-3622

Description

Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID parameter.

Affected products

Supermicro/Intelligent Platform Management Firmware2 versions
cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*+ 1 more
- cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*
- cpe:2.3:o:supermicro:intelligent_platform_management_firmware:*:-:-:*:-:-:x9_generation_motherboards:*range: <=2.26

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilitiesnvdExploit
www.securityfocus.com/bid/64259nvd
support.citrix.com/article/CTX216642nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000