Known Vulnerabilities for products from Supermicro
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Supermicro".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Supermicro can be found at device.report : Supermicro
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-35861 | A shell-injection vulnerability in email notifications on Supermicro motherboards (such as H12DST-B before 03.10.35) allows r... | 9.8 - CRITICAL | 2023-07-31 | 2023-08-07 |
| CVE-2023-34853 | Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via mani... | 7.8 - HIGH | 2023-08-22 | 2023-08-29 |
| CVE-2022-43309 | Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. | 5.5 - MEDIUM | 2023-04-07 | 2023-04-21 |
| CVE-2021-22887 | A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compr... | 2.3 - LOW | 2021-03-16 | 2021-03-22 |
| CVE-2020-15046 | The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to expl... | 8.8 - HIGH | 2020-06-24 | 2020-07-13 |
| CVE-2019-19642 | On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Inject... | 8.8 - HIGH | 2019-12-08 | 2019-12-18 |
| CVE-2019-16650 | On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the ... | 10 - CRITICAL | 2019-09-21 | 2020-08-24 |
| CVE-2019-16649 | On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtua... | 10 - CRITICAL | 2019-09-21 | 2020-08-24 |
| CVE-2019-13131 | Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary c... | 9.8 - CRITICAL | 2019-07-01 | 2020-08-24 |
| CVE-2018-13787 | Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, all... | 6.7 - MEDIUM | 2018-07-09 | 2019-10-03 |
| CVE-2013-6785 | Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to ... | 4.3 - MEDIUM | 2020-01-23 | 2020-02-04 |
| CVE-2013-4782 | The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by usi... | 10 - HIGH | 2013-07-08 | 2013-10-16 |
| CVE-2013-3623 | Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Int... | 10 - HIGH | 2013-12-10 | 2017-11-15 |
| CVE-2013-3622 | Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) ... | 9 - HIGH | 2013-12-10 | 2017-11-15 |
| CVE-2013-3620 | Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation mo... | 7.5 - HIGH | 2020-01-02 | 2020-01-14 |
| CVE-2013-3619 | Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 an... | 8.1 - HIGH | 2020-01-02 | 2020-01-15 |
| CVE-2013-3609 | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F,... | 10 - HIGH | 2013-09-08 | 2017-11-15 |
| CVE-2013-3608 | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F,... | 10 - HIGH | 2013-09-08 | 2017-11-15 |
| CVE-2013-3607 | Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementa... | 10 - HIGH | 2013-09-08 | 2017-11-15 |
Known software with vulnerabilities from Supermicro
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Supermicro | B9dr7 | - |
| Operating System | Supermicro | B9dr7 Firmware | 3.3 |
| Hardware | Supermicro | B9drg | - |
| Hardware | Supermicro | B9drg-3m | - |
| Operating System | Supermicro | B9drg-3m Firmware | 3.3 |
| Hardware | Supermicro | B9drg-e | - |
| Operating System | Supermicro | B9drg-e Firmware | 3.3 |
| Operating System | Supermicro | B9drg Firmware | 3.3 |
| Hardware | Supermicro | B9dri | - |
| Operating System | Supermicro | B9dri Firmware | 3.3 |
| Hardware | Supermicro | B9drp | - |
| Operating System | Supermicro | B9drp Firmware | 3.3 |
| Hardware | Supermicro | B9drt | - |
| Operating System | Supermicro | B9drt Firmware | 3.3 |
| Hardware | Supermicro | B9qr7-tp | - |
| Operating System | Supermicro | B9qr7-tp Firmware | 3.3 |
| Hardware | Supermicro | H8dcl-6f | - |
| Hardware | Supermicro | H8dcl-if | - |
| Hardware | Supermicro | H8dct-hibqf | - |
| Hardware | Supermicro | H8dct-hln4f | - |