OpenBMCS
Products
1- 9 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-39296 | Cri | 0.65 | 10.0 | 0.03 | Sep 9, 2021 | In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system. | ||
| CVE-2021-39295 | Hig | 0.49 | 7.5 | 0.01 | Apr 15, 2023 | In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface. | ||
| CVE-2021-47718 | 0.00 | — | 0.00 | Dec 9, 2025 | OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database… | |||
| CVE-2021-47704 | 0.00 | — | 0.00 | Dec 9, 2025 | OpenBMCS 2.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting arbitrary SQL code. Attackers can send GET requests to /debug/obix_test.php with malicious 'id' values to extract database information. | |||
| CVE-2021-47703 | 0.00 | — | 0.00 | Dec 9, 2025 | OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external… | |||
| CVE-2021-47702 | 0.00 | — | 0.00 | Dec 9, 2025 | OpenBMCS 2.4 contains a CSRF vulnerability that allows attackers to perform actions with administrative privileges by exploiting the sendFeedback.php endpoint. Attackers can submit malicious requests to trigger unintended actions, such as sending emails or modifying system… | |||
| CVE-2021-47701 | 0.00 | — | 0.00 | Dec 9, 2025 | OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the update_user_permissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in… | |||
| CVE-2024-35124 | 0.00 | — | 0.00 | Aug 13, 2024 | A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674. | |||
| CVE-2020-14156 | Hig | 0.00 | 8.8 | 0.02 | Jun 15, 2020 | user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions. |
- risk 0.65cvss 10.0epss 0.03
In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.
- risk 0.49cvss 7.5epss 0.01
In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface.
- CVE-2021-47718Dec 9, 2025risk 0.00cvss —epss 0.00
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database…
- CVE-2021-47704Dec 9, 2025risk 0.00cvss —epss 0.00
OpenBMCS 2.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting arbitrary SQL code. Attackers can send GET requests to /debug/obix_test.php with malicious 'id' values to extract database information.
- CVE-2021-47703Dec 9, 2025risk 0.00cvss —epss 0.00
OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external…
- CVE-2021-47702Dec 9, 2025risk 0.00cvss —epss 0.00
OpenBMCS 2.4 contains a CSRF vulnerability that allows attackers to perform actions with administrative privileges by exploiting the sendFeedback.php endpoint. Attackers can submit malicious requests to trigger unintended actions, such as sending emails or modifying system…
- CVE-2021-47701Dec 9, 2025risk 0.00cvss —epss 0.00
OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the update_user_permissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in…
- CVE-2024-35124Aug 13, 2024risk 0.00cvss —epss 0.00
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674.
- risk 0.00cvss 8.8epss 0.02
user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions.