OpenBMC
by Intel
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-39296 | Cri | 0.65 | 10.0 | 0.03 | Sep 9, 2021 | In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system. | ||
| CVE-2022-35729 | Hig | 0.49 | 7.5 | 0.01 | Feb 16, 2023 | Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access. | ||
| CVE-2022-29494 | Med | 0.42 | 6.5 | 0.01 | Feb 16, 2023 | Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access. |
- risk 0.65cvss 10.0epss 0.03
In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.
- risk 0.49cvss 7.5epss 0.01
Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.
- risk 0.42cvss 6.5epss 0.01
Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.