Directory Traversal Vulnerability in Supermicro X11 and M11 BMC Implementation

Directory Traversal Vulnerability in Supermicro X11 and M11 BMC Implementation

CVE-2023-33411 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information.

Learn more about our Web App Pen Testing.