Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bmc_firmware
(Intel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-10-29 | CVE-2020-11484 | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of the BMC/IPMI user password, which may lead to information disclosure. | Bmc_firmware | 4.9 | ||
| 2020-10-29 | CVE-2020-11489 | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure. | Bmc_firmware | 7.5 | ||
| 2020-10-29 | CVE-2020-11616 | NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to information disclosure. | Bmc_firmware | 7.5 | ||
| 2021-02-17 | CVE-2020-12373 | Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. | Bmc_firmware | 6.7 | ||
| 2021-02-17 | CVE-2020-12377 | Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access. | Bmc_firmware | 7.8 | ||
| 2021-02-17 | CVE-2020-12380 | Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access. | Bmc_firmware | 7.8 | ||
| 2021-02-17 | CVE-2020-12376 | Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access. | Bmc_firmware | 5.5 |