exploitDog

GHSA-x6w7-m2cm-96c3

Опубликовано: 24 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5

Описание

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.

Ссылки

EPSS

Процентиль: 19%

0.00062

Низкий

5 Medium

CVSS3

CVE ID

Дефекты

CWE-241

Связанные уязвимости

CVE-2024-21927

CVSS3: 5

nvd

5 месяцев назад

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.

BDU:2025-02528

CVSS3: 5

fstec

12 месяцев назад

Уязвимость интегрированного контроллера Satellite Management Controller (SMC) микропрограммного обеспечения процессоров AMD MI300X, позволяющая нарушителю выполнить произвольные команды и вызвать отказ в обслуживании

EPSS

Процентиль: 19%

0.00062

Низкий

5 Medium

CVSS3

CVE ID

Дефекты

CWE-241