BMC
by Asus
CVEs (31)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-28187 | Med | 0.32 | 4.9 | 0.01 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28186 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28185 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28184 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally… | ||
| CVE-2021-28183 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28182 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate… | ||
| CVE-2021-28181 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28180 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28179 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to… | ||
| CVE-2021-28176 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web… | ||
| CVE-2021-28175 | Med | 0.32 | 4.9 | 0.02 | Apr 6, 2021 | The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the… |
- risk 0.32cvss 4.9epss 0.01
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally…
- risk 0.32cvss 4.9epss 0.02
The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate…
- risk 0.32cvss 4.9epss 0.02
The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to…
- risk 0.32cvss 4.9epss 0.02
The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web…
- risk 0.32cvss 4.9epss 0.02
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the…
Page 2 of 2