VYPR

OpenBMC

by Intel

CVEs (3)

  • CVE-2021-39296CriSep 9, 2021
    risk 0.65cvss 10.0epss 0.03

    In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.

  • CVE-2022-35729HigFeb 16, 2023
    risk 0.49cvss 7.5epss 0.01

    Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.

  • CVE-2022-29494MedFeb 16, 2023
    risk 0.42cvss 6.5epss 0.01

    Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.