Details of VAR-201909-0757

ID

VAR-201909-0757

CVE

CVE-2019-16649

TITLE

plural Supermicro Vulnerabilities related to the use of hard-coded credentials in products

Trust: 0.8

sources: JVNDB: JVNDB-2019-009650

DESCRIPTION

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the server managed by the BMC. plural Supermicro The product contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SuperMicro Supermicro X10 and so on are all server motherboards of American SuperMicro company. A security vulnerability exists in the virtual media service in several Supermicro products. The following products and versions are affected: SuperMicro Supermicro H11; Supermicro H12; Supermicro M11; Supermicro X9; Supermicro X10; Supermicro X11

Trust: 1.71

sources: NVD: CVE-2019-16649 // JVNDB: JVNDB-2019-009650 // VULHUB: VHN-148816

AFFECTED PRODUCTS

vendor:	supermicro	model:	x10sdv-8c-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dac	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10drt-pt	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10dri	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ddw-nt	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	b2ss2-mtf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	a1srm-ln5f-2358	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b10drc-n	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11ssh-tf	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x9dai	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9drfr	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11spm-tf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x10drd-int	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drd-c\ t\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11dph-i	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11dpt-b	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10slm-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drfr-nt	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drt-p series	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drw-i	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10slm\+-ln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drt-h	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drff-7\/i\ \+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drff-itg	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1sai-2550f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpt-ps	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9dr7\/e-tf\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	m11sdv-8c-ln4f	scope:	eq	version:	3.15	Trust: 1.0
vendor:	supermicro	model:	x11ssh-ln4f	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x9drg-h\ f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9drg-h\ f\+ii	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11ddw-l	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9drw-c\ f31	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10sdv-tp8f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11sds-8c	scope:	eq	version:	3.74.2	Trust: 1.0
vendor:	supermicro	model:	b10drg-ibf2	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11ssh-gf-1585l	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x11dph-tq	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10ddw-in	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sla-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1sri-2558f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-4c-7tp4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dgo-t	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11dpff-sn	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11srl-f	scope:	eq	version:	3.74.2	Trust: 1.0
vendor:	supermicro	model:	x10drh-cln4	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpu-ze\+	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	b10drt	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x9scm\	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	x11dpx-t	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10qbl	scope:	eq	version:	3.80	Trust: 1.0
vendor:	supermicro	model:	x11spl-f	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x10sll-s	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b2ss1-cf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11ssi-ln4f	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10drd-ltp	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10qrh\+	scope:	eq	version:	3.80	Trust: 1.0
vendor:	supermicro	model:	x9qr7-tf\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10sdv-16c-tln4f\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssw-f	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11spm-tpf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x10sdv-8c-tln4f\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11sri-if	scope:	eq	version:	3.75.00	Trust: 1.0
vendor:	supermicro	model:	x10drw-it	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drc-t4\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssh-ctf	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x11ssd-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11scl-ln4f	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x9drt series	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drd-i	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drh-ct	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dai-n	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	b9drg-3m	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11dgq	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11dpl-i	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9sra	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9dr3\/i-ln4f\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drt-hibf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10dru-x	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-2c-tp4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-4c\+-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10dsc\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drg-qf	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11scl-if	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x9drw-3ln4f\+\/3tf\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11spw-tf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	b2ss1-cpu	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10qbl-4	scope:	eq	version:	3.80	Trust: 1.0
vendor:	supermicro	model:	x11srm-f	scope:	eq	version:	1.31.1	Trust: 1.0
vendor:	supermicro	model:	x10dri-ln4\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11spa-tf	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10drh-c	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssm-f	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x9scl\+-f	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	b11dpe	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x9dr7-jln4f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b10drt-ibf2	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	b9drg	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drfr	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9dbs-f\	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10sat	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssl-cf	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x9drl-3\/if	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10dsn-ts	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drg-ot\+-cpu	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sri-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11spg-tf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x11sse-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10dbt-t	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9srl\	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9scd series	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	x10dri-t	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drw-7\/itpf	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11sch-f	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x9qri-f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9drg-o\ f-cpu	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10srm-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9db3\/i-\ f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drt-pibq	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drff-ig	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sra	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssw-f	scope:	eq	version:	3.85.00	Trust: 1.0
vendor:	supermicro	model:	x10dgq	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9dbl-3\/i\	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10sdv-2c-7tp4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-6c-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sll\+-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9srg-f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b1sd2-16c-tf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drc-ln4\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11spi-tf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x10sdv-2c-tln2f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drs	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10srd-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10obi-cpu	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpfr-sn	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	b11spe-cpu-25g	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10sdv-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssm	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x11ssl	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	b11spe-cpu-tf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x9drh-if-nv	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	a1sai-2750f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10dri-t4\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssh-gtf-1585	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x11dsf-e	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11dpi-nt	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11sca-f	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9drx\+-f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11sca-w	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10dgo-t	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drd-itp	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1srm-2558f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	m11sdv-8ct-ln4f	scope:	eq	version:	3.15	Trust: 1.0
vendor:	supermicro	model:	x10drl-it	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drd-lt	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9dax-7\/if-hft	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	a1srm-ln7f-2358	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11scl-f	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x9drd-l\/if	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11dsc\+	scope:	eq	version:	1.74	Trust: 1.0
vendor:	supermicro	model:	x10srg-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9qr7-tf	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drd-it	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drg-q	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b10dri	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x9drw-7\/itpf\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11dpg-sn	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9drd-ef	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11sph-nctf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x10qbl-4ct	scope:	eq	version:	3.80	Trust: 1.0
vendor:	supermicro	model:	x9drt-hf\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b2ss1-h-mtf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x9srw-f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drt-libq	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b2ss2-h-mtf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x9drl-7\/ef	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11dpt-l	scope:	eq	version:	3.74	Trust: 1.0
vendor:	supermicro	model:	x9sae\	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	x9sci-ln4\	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	x10slx-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drw-et	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9dax-7\/i\ f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b9drt	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drt-b\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpfr-s	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10sdv-7tp4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10slh-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssw-4tf	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x9drg-h\ f\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11sds-12c	scope:	eq	version:	3.74.2	Trust: 1.0
vendor:	supermicro	model:	x11scw-f	scope:	eq	version:	3.75.00	Trust: 1.0
vendor:	supermicro	model:	x10srw-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11sdd-18c-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11ssh-f	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	b1sd1-tf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drd-intp	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10srh-cln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1srm-ln7f-2758	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9dr3\/i-f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	m11sdv-4c-ln4f	scope:	eq	version:	3.15	Trust: 1.0
vendor:	supermicro	model:	b10drg-tp	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10sdv-7tp8f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-12c-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b2ss2-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10sdv-4c-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1sri-2358f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-4c\+-tp4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b10drg-ibf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10sdd-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11sdd-8c-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	a1sam-2750f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b1sd2-tf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	b10drt-tp	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11dpu-z\+	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11scm-f	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x9drff\	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drg-o\+-cpu	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-6c\+-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drh-7\/i\ f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drg-ht	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpg-ot-cpu	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11spw-ctf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x9sre\/i series	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b9qr7\	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10srh-cf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11qph\+	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10sdv-4c-tln2f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drfr-n	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-16c-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1sam-2550f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drh-i	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11spm-f	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x10drh-iln4	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11srm-vf	scope:	eq	version:	1.31.1	Trust: 1.0
vendor:	supermicro	model:	x10sde-df	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11dpu-x	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10drl-i	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sle-df	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9srh-7\ f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9drd-it\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10dru-i\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11sds-16c	scope:	eq	version:	3.74.2	Trust: 1.0
vendor:	supermicro	model:	x9qri-f\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10sdv-2c-tp8f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drw-e	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10srm-tf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b9drg-e	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drw-n	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1sri-2758f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10slm\+-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drw-3\/if	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x9drd-7ln4f series	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drt-pibf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpg-qt	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11sph-nctpf	scope:	eq	version:	1.71.6	Trust: 1.0
vendor:	supermicro	model:	x9dal-3\/i	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b9drp	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11sca	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11spa-t	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11ssh-gtf-1585l	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x9srd-f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10dru-xll	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b11qpi	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x11ssh-gf-1585	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x10sld-hf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpu	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11scd-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drff-cg	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sll-sf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11opi-cpu	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9dbu-3\/if	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drt-l	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9da7\/e	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drw-nt	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10qbl-ct	scope:	eq	version:	3.80	Trust: 1.0
vendor:	supermicro	model:	x10sdd-16c-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drff-ctg	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b10dri-n	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drt-ps	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1sa2-2750f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drfr-t	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b10drc	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10sdv-16c\+-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11sch-ln4f	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x10drt-p	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drt-h series	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10drh-it	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9dr7\/e-ln4f	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x11scm-ln8f	scope:	eq	version:	1.23.2	Trust: 1.0
vendor:	supermicro	model:	x10drff-c	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drff	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sle-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dsn-ts	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10drt-libf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drl-ct	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpu-v	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x11ssl-nf	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x10drl-c	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9drff-7\/i\ g\+	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	b11dpt	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	b10drt-ibf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10sdv-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b2ss1-f	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drl-ln4	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-12c\+-tln4f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	a1srm-2758f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10sdv-12c-tln4f\+	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b9dri	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10sra-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11ssl-f	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	b9dr7	scope:	eq	version:	3.3	Trust: 1.0
vendor:	supermicro	model:	x10qbi	scope:	eq	version:	3.81	Trust: 1.0
vendor:	supermicro	model:	x11dsn-tsq	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x9sca\	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	x11ssw-tf	scope:	eq	version:	1.56	Trust: 1.0
vendor:	supermicro	model:	x10sae	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	b2ss1-mtf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10drg-h	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	m11sdv-8c\+-ln4f	scope:	eq	version:	3.15	Trust: 1.0
vendor:	supermicro	model:	x11dpu-xll	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10sld-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	m11sdv-4ct-ln4f	scope:	eq	version:	3.15	Trust: 1.0
vendor:	supermicro	model:	x10sll-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x9scl\	scope:	eq	version:	2.3	Trust: 1.0
vendor:	supermicro	model:	x10sle-hf	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dph-t	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10ddw-i	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpt-bh	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10sdv-8c\+-ln2f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drx	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x10drd-l	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dpi-n	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	b1sd1-16c-tf	scope:	eq	version:	3.68	Trust: 1.0
vendor:	supermicro	model:	x10srl-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	supermicro	model:	x11dps-re	scope:	eq	version:	1.71.5	Trust: 1.0
vendor:	supermicro	model:	x10sl7-f	scope:	eq	version:	3.83	Trust: 1.0
vendor:	super micro computer	model:	x11dac	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dai-n	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dph-i	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dph-t	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dph-tq	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dps-re	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dsc+	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dsf-e	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dsn-ts	scope:	-	version:	-	Trust: 0.8
vendor:	super micro computer	model:	x11dsn-tsq	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-009650 // NVD: CVE-2019-16649

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-16649
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-16649
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201909-1012
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-148816
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-16649
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-148816
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-16649
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2019-16649
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-148816 // JVNDB: JVNDB-2019-009650 // CNNVD: CNNVD-201909-1012 // NVD: CVE-2019-16649

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.1
problemtype:	CWE-326	Trust: 1.1
problemtype:	CWE-522	Trust: 1.1
problemtype:	CWE-798	Trust: 0.9

sources: VULHUB: VHN-148816 // JVNDB: JVNDB-2019-009650 // NVD: CVE-2019-16649

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201909-1012

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201909-1012

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-009650

PATCH

title:	BMC/IPMI Security Vulnerability	url:	https://www.supermicro.com/support/security_BMC_virtual_media.cfm	Trust: 0.8
title:	Multiple SuperMicro Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98478	Trust: 0.6

sources: JVNDB: JVNDB-2019-009650 // CNNVD: CNNVD-201909-1012

EXTERNAL IDS

db:	NVD	id:	CVE-2019-16649	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-009650	Trust: 0.8
db:	CNNVD	id:	CNNVD-201909-1012	Trust: 0.7
db:	VULHUB	id:	VHN-148816	Trust: 0.1

sources: VULHUB: VHN-148816 // JVNDB: JVNDB-2019-009650 // CNNVD: CNNVD-201909-1012 // NVD: CVE-2019-16649

REFERENCES

url:	https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/	Trust: 2.5
url:	https://github.com/eclypsium/usbanywhere	Trust: 1.7
url:	https://www.supermicro.com/support/security_bmc_virtual_media.cfm	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16649	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16649	Trust: 0.8

sources: VULHUB: VHN-148816 // JVNDB: JVNDB-2019-009650 // CNNVD: CNNVD-201909-1012 // NVD: CVE-2019-16649

SOURCES

db:	VULHUB	id:	VHN-148816
db:	JVNDB	id:	JVNDB-2019-009650
db:	CNNVD	id:	CNNVD-201909-1012
db:	NVD	id:	CVE-2019-16649

LAST UPDATE DATE

2024-11-23T23:08:15.698000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-148816	date:	2020-08-24T00:00:00
db:	JVNDB	id:	JVNDB-2019-009650	date:	2019-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201909-1012	date:	2020-09-02T00:00:00
db:	NVD	id:	CVE-2019-16649	date:	2024-11-21T04:30:52.953

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-148816	date:	2019-09-21T00:00:00
db:	JVNDB	id:	JVNDB-2019-009650	date:	2019-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201909-1012	date:	2019-09-20T00:00:00
db:	NVD	id:	CVE-2019-16649	date:	2019-09-21T02:15:11.523