CVE-2023-40289
published 2024-03-27CVE-2023-40289: A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker can exploit this to elevate privileges from a user with BMC administrative privileges.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| supermicro | x11sae-f_firmware | — | — |
| supermicro | x11sse-f_firmware | — | — |
| supermicro | x11ssm-f_firmware | — | — |