Unrated severityNVD Advisory· Published Dec 10, 2013· Updated Apr 29, 2026
CVE-2013-3623
CVE-2013-3623
Description
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.
Affected products
2cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*+ 1 more
- cpe:2.3:o:supermicro:intelligent_platform_management_firmware:2.24:-:-:*:-:-:x9_generation_motherboards:*
- cpe:2.3:o:supermicro:intelligent_platform_management_firmware:*:-:-:*:-:-:x9_generation_motherboards:*range: <=2.26
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.exploit-db.com/exploits/29666nvdExploit
- community.rapid7.com/community/metasploit/blog/2013/11/06/supermicro-ipmi-firmware-vulnerabilitiesnvdExploit
- www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdfnvdVendor Advisory
- www.securityfocus.com/bid/63775nvd
- www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013nvd
- support.citrix.com/article/CTX216642nvd
News mentions
0No linked articles in our index yet.