CVE-2013-3620

EPSS 3.6%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 3.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

02 Jan 2020Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312.

Affected products

Supermicro · IPMI

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/89045 https://support.citrix.com/article/CTX216642 http://support.citrix.com/article/CTX216642 https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf