CVE-2023-34473

Description

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

AMI / MegaRAC-SPx12.0 – 12.2

References

VENDOR_ADVISORYhttps://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf