CVE-2023-33411
Description
A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Directory traversal in Supermicro BMC web server allows unauthenticated remote attackers to disclose sensitive information on X11 and M11 devices.
Vulnerability
The directory traversal vulnerability exists in the web server component of the Intelligent Platform Management Interface (IPMI) Baseboard Management Controller (BMC) implementation on Supermicro X11 and M11 based devices with firmware versions up to 3.17.02 [1]. The affected products include select X11, M11, X12, H12, B12, X13, H13, B13, and C9X299 motherboards [1]. The flaw is present in the IPMI BMC SSDP/web server and also affects iKVM access [1].
Exploitation
A remote unauthenticated attacker can exploit this vulnerability by sending HTTP requests whose path contains traversal sequences (such as ../) that the BMC web server resolves outside its web root, allowing it to read files elsewhere on the BMC filesystem [1]. No authentication or user interaction is required; the attacker only needs network reachability to the BMC web server [1].
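The following C program is an added example of the vulnerability class described above, not code from Supermicro's firmware (whose web server source is not public). It puts the classic vulnerable pattern, naive concatenation of the request path onto the web root, beside a hardened resolver that percent-decodes, normalises segment by segment, rejects any ".." that would climb above the root, and re-checks the prefix. It also shows a log-side detector for raw, percent-encoded and double-encoded traversal sequences. The web root, the sample request paths and the function names are all hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Hypothetical web root; not the real firmware layout. */
#define WEBROOT "/usr/local/www"

/* Vulnerable resolver: the pattern behind classic traversal bugs. The
 * request path is appended to the root with no canonicalisation, so
 * "../" segments walk straight out of the web root. */
int resolve_vulnerable(const char *webroot, const char *req, char *out, size_t outlen) {
    int n = snprintf(out, outlen, "%s%s", webroot, req);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Percent-decode; rejects malformed escapes and embedded NUL bytes. */
static int url_decode(const char *in, char *out, size_t outlen) {
    size_t o = 0;
    for (size_t i = 0; in[i]; i++) {
        char c = in[i];
        if (c == '%') {
            int h = hexval((unsigned char)in[i + 1]);
            int l = h < 0 ? -1 : hexval((unsigned char)in[i + 2]);
            if (h < 0 || l < 0) return -1;
            c = (char)(h * 16 + l);
            i += 2;
        }
        if (c == '\0' || o + 1 >= outlen) return -1;
        out[o++] = c;
    }
    out[o] = '\0';
    return 0;
}

/* Hardened resolver: decode, then rebuild the path one segment at a time.
 * "." is dropped, ".." pops the previous segment and is refused if there is
 * nothing left to pop (rather than silently clamped, so the request can be
 * logged as hostile). The result is re-checked against the root prefix. */
int resolve_safe(const char *webroot, const char *req, char *out, size_t outlen) {
    char dec[512], rel[512];
    size_t rlen = 0;
    if (url_decode(req, dec, sizeof dec) != 0 || dec[0] != '/') return -1;
    rel[0] = '\0';
    for (const char *p = dec; *p;) {
        while (*p == '/') p++;
        if (!*p) break;
        const char *start = p;
        while (*p && *p != '/') p++;
        size_t sl = (size_t)(p - start);
        if (sl == 1 && start[0] == '.') continue;
        if (sl == 2 && start[0] == '.' && start[1] == '.') {
            if (rlen == 0) return -1;              /* would climb above the root */
            while (rlen > 0 && rel[rlen - 1] != '/') rlen--;
            if (rlen > 0) rlen--;                  /* drop the separator too */
            rel[rlen] = '\0';
            continue;
        }
        if (rlen + 1 + sl + 1 > sizeof rel) return -1;
        rel[rlen++] = '/';
        memcpy(rel + rlen, start, sl);
        rlen += sl;
        rel[rlen] = '\0';
    }
    int n = snprintf(out, outlen, "%s%s", webroot, rel);
    if (n < 0 || (size_t)n >= outlen) return -1;
    size_t wl = strlen(webroot);   /* belt and braces: still under the root? */
    if (strncmp(out, webroot, wl) != 0 || (out[wl] != '/' && out[wl] != '\0')) return -1;
    return 0;
}

/* Detection over request paths as seen in web-server logs: flag ".." or
 * backslashes after one and, for double-encoded input, two decode passes.
 * Malformed encoding is treated as suspicious rather than ignored. */
bool looks_like_traversal(const char *req) {
    char pass1[512], pass2[512];
    if (url_decode(req, pass1, sizeof pass1) != 0) return true;
    const char *cand[2] = { pass1, NULL };
    if (url_decode(pass1, pass2, sizeof pass2) == 0) cand[1] = pass2;
    for (int i = 0; i < 2 && cand[i]; i++)
        if (strstr(cand[i], "..") || strchr(cand[i], '\\')) return true;
    return false;
}

/* Constructed sample request paths (not captured traffic). */
static const char *SAMPLE_REQUESTS[] = {
    "/cgi/login.cgi",
    "/images/../../../etc/passwd",
    "/%2e%2e/%2e%2e/etc/shadow",
    "/static/..%2f..%2fetc/passwd",
};
#define NSAMPLES (sizeof SAMPLE_REQUESTS / sizeof SAMPLE_REQUESTS[0])

size_t count_traversal_hits(void) {
    size_t hits = 0;
    for (size_t i = 0; i < NSAMPLES; i++) hits += looks_like_traversal(SAMPLE_REQUESTS[i]);
    return hits;
}

int main(void) {
    char out[512];
    for (size_t i = 0; i < NSAMPLES; i++) {
        const char *r = SAMPLE_REQUESTS[i];
        resolve_vulnerable(WEBROOT, r, out, sizeof out);
        printf("vulnerable: %-32s -> %s\n", r, out);
        printf("hardened:   %-32s -> %s\n", r,
               resolve_safe(WEBROOT, r, out, sizeof out) == 0 ? out : "REJECTED");
    }
    printf("%zu of %zu sample requests flagged by the detector\n", count_traversal_hits(), NSAMPLES);
    return 0;
}
```

The hardened resolver is purely lexical, so it works on a firmware image without touching the filesystem; on a full system, following it with realpath() and re-checking the prefix also defends against symlinks under the web root.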
Impact
Successful exploitation allows an attacker to read files outside the web root on the BMC, potentially including configuration data, credentials, or other secrets stored on the filesystem [1]. Credentials recovered this way can be used to log in to the BMC, and since the BMC controls power, the console and virtual media for the host, this can lead to compromise of the host system as well [1]. Supermicro rates the vulnerability High severity, consistent with unauthenticated, network-reachable information disclosure [1].
Mitigation
Supermicro has released updated BMC firmware to address this vulnerability [1]. Each affected motherboard SKU requires a BMC update; check the release notes or contact Supermicro technical support for the fixed firmware version for a given SKU [1]. Supermicro's interim advice is to follow its BMC Configuration Best Practices Guide, including configuring a session timeout [1]. Note that a session timeout only limits authenticated sessions and does nothing to stop an unauthenticated traversal request; until the firmware is updated, the compensating control that actually helps is keeping the BMC's network interface off untrusted networks (a dedicated management VLAN, with the web interface reachable only from administrative hosts).
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Supermicro / Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation
- Range: <=3.17.02
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.