Known Vulnerabilities for products from Ami
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ami".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-39539 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-12-06 | 2024-01-05 |
| CVE-2023-39538 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-12-06 | 2024-01-05 |
| CVE-2023-34473 | AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful explo... | 8.8 - HIGH | 2023-07-05 | 2023-07-12 |
| CVE-2023-34472 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP ... | 6.5 - MEDIUM | 2023-07-05 | 2023-07-12 |
| CVE-2023-34471 | AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based ... | 8.1 - HIGH | 2023-07-05 | 2023-07-12 |
| CVE-2023-34470 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. A su... | 7.8 - HIGH | 2023-09-12 | 2023-09-15 |
| CVE-2023-34469 | AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A... | 4.6 - MEDIUM | 2023-09-12 | 2023-09-15 |
| CVE-2023-34345 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary fil... | 6.5 - MEDIUM | 2023-06-12 | 2023-06-20 |
| CVE-2023-34344 | AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid... | 5.3 - MEDIUM | 2023-06-12 | 2023-06-20 |
| CVE-2023-34343 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary she... | 8.8 - HIGH | 2023-06-12 | 2023-06-20 |
| CVE-2023-34342 | AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain... | 9.1 - CRITICAL | 2023-06-12 | 2023-06-20 |
| CVE-2023-34341 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to ar... | 8.8 - HIGH | 2023-06-12 | 2023-06-20 |
| CVE-2023-34338 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded... | 9.8 - CRITICAL | 2023-07-05 | 2023-07-12 |
| CVE-2023-34337 | AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message a... | 8.8 - HIGH | 2023-07-05 | 2023-07-13 |
| CVE-2023-34336 | AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overf... | 8.8 - HIGH | 2023-06-12 | 2023-06-20 |
| CVE-2023-34335 | AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, ... | 9.1 - CRITICAL | 2023-06-12 | 2023-06-20 |
| CVE-2023-34334 | AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary she... | 8.8 - HIGH | 2023-06-12 | 2023-06-20 |
| CVE-2023-34330 | AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Exten... | 8.8 - HIGH | 2023-07-18 | 2023-08-14 |
| CVE-2023-34329 | AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP heade... | 8 - HIGH | 2023-07-18 | 2023-11-07 |
| CVE-2023-28863 | AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity. | 9.1 - CRITICAL | 2023-04-18 | 2023-04-27 |