Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Asmb8\-Ikvm_firmware
(Asus)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-06 | CVE-2021-28175 | The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28176 | The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28177 | The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28178 | The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28179 | The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28180 | The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28181 | The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28182 | The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28183 | The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 | ||
| 2021-04-06 | CVE-2021-28184 | The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | Asmb8\-Ikvm_firmware, Z10pe\-D16_ws_firmware, Z10pr\-D16_firmware | 4.9 |