Vulnerability-Lookup

CNVD-2019-44964

Vulnerability from cnvd - Published: 2019-12-11

Title

SuperMicro X8STi-F操作系统命令注入漏洞

Description

SuperMicro X8STi-F是美国SuperMicro公司的一款计算机主板。 SuperMicro X8STi-F（带有IPMI固件2.06版本和BIOS 02.68版本）中的Virtual Media功能存在操作系统命令注入漏洞。攻击者可利用该漏洞通过向IPMI IP地址发送HTTP请求获得一个持久性的后门。

Severity

中

Formal description

厂商尚未提供漏洞修补方案，请关注厂商主页及时更新： https://www.supermicro.com

Reference

https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.html https://nvd.nist.gov/vuln/detail/CVE-2019-19642

Impacted products

Name
['SuperMicro SuperMicro X8STi-F IPMI 2.06', 'SuperMicro SuperMicro X8STi-F BIOS 02.68']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-19642"
    }
  },
  "description": "SuperMicro X8STi-F\u662f\u7f8e\u56fdSuperMicro\u516c\u53f8\u7684\u4e00\u6b3e\u8ba1\u7b97\u673a\u4e3b\u677f\u3002\n\nSuperMicro X8STi-F\uff08\u5e26\u6709IPMI\u56fa\u4ef62.06\u7248\u672c\u548cBIOS 02.68\u7248\u672c\uff09\u4e2d\u7684Virtual Media\u529f\u80fd\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5411IPMI IP\u5730\u5740\u53d1\u9001HTTP\u8bf7\u6c42\u83b7\u5f97\u4e00\u4e2a\u6301\u4e45\u6027\u7684\u540e\u95e8\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.supermicro.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-44964",
  "openTime": "2019-12-11",
  "products": {
    "product": [
      "SuperMicro SuperMicro X8STi-F IPMI 2.06",
      "SuperMicro SuperMicro X8STi-F BIOS 02.68"
    ]
  },
  "referenceLink": "https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.html\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-19642",
  "serverity": "\u4e2d",
  "submitTime": "2019-12-09",
  "title": "SuperMicro X8STi-F\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2019-19642 (GCVE-0-2019-19642)

Vulnerability from cvelistv5 – Published: 2019-12-08 03:39 – Updated: 2024-08-05 02:25

Summary

On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. The attacker can achieve a persistent backdoor.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://www.dark-sec.net/2019/12/supermicro-ipmi-…

x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:11.448Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. The attacker can achieve a persistent backdoor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-08T03:39:13.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19642",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareName. The attacker can achieve a persistent backdoor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.html",
              "refsource": "MISC",
              "url": "https://www.dark-sec.net/2019/12/supermicro-ipmi-exploitation.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19642",
    "datePublished": "2019-12-08T03:39:13.000Z",
    "dateReserved": "2019-12-08T00:00:00.000Z",
    "dateUpdated": "2024-08-05T02:25:11.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-44964

CVE-2019-19642 (GCVE-0-2019-19642)

Tags

Sightings

Nomenclature