Description
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Affected products
- AMI / MegaRAC-SPx12.0 – 12.2