1. Home
  2. CVE Database
  3. CVE-2022-43309
MEDIUM · 5.5

CVE-2022-43309

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

Vulnerability Description

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
SupermicroX11Ssl-Cf Firmware1.63
SupermicroX11Ssl-Cf-
SupermicroX11Dac Firmware-
SupermicroX11Dac-
SupermicroX11Dai-N Firmware-
SupermicroX11Dai-N-
SupermicroX11Ddw-L Firmware-
SupermicroX11Ddw-L-
SupermicroX11Ddw-Nt Firmware-
SupermicroX11Ddw-Nt-
SupermicroX11Dgo-T Firmware-
SupermicroX11Dgo-T-
SupermicroX11Dgq Firmware-
SupermicroX11Dgq-
SupermicroX11Dpff-Sn Firmware-
SupermicroX11Dpff-Sn-
SupermicroX11Dpfr-S Firmware-
SupermicroX11Dpfr-S-
SupermicroX11Dpfr-Sn Firmware-
SupermicroX11Dpfr-Sn-

Related Weaknesses (CWE)

CWE-732

References

FAQ

What is CVE-2022-43309?

CVE-2022-43309 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.

How severe is CVE-2022-43309?

CVE-2022-43309 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-43309?

Check the references section above for vendor advisories and patch information. Affected products include: Supermicro X11Ssl-Cf Firmware, Supermicro X11Ssl-Cf, Supermicro X11Dac Firmware, Supermicro X11Dac, Supermicro X11Dai-N Firmware.