CVE-2013-3620
First published: Thu Jan 02 2020(Updated: )
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Supermicro Smt X9 Firmware | <3.15 | |
| Supermicro Sh7758 | ||
| Supermicro Smt X8 Firmware | <3.12 | |
| Supermicro Sh7757 | ||
| Citrix Netscaler Sdx Firmware | =10 | |
| Citrix Netscaler Sdx | ||
| Citrix Netscaler Firmware | ||
| Citrix NetScaler | ||
| Citrix Netscaler Sd-wan Firmware | ||
| Citrix NetScaler SD-WAN |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://support.citrix.com/article/CTX216642
- https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89045
- https://support.citrix.com/article/CTX216642
- https://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2013-3620.
What is the severity of CVE-2013-3620?
The severity of CVE-2013-3620 is high with a severity value of 7.5.
Which software versions are affected by CVE-2013-3620?
Supermicro X9 generation motherboards with firmware before 3.15 (SMT_X9_315) and Supermicro X8 generation motherboards with firmware before SMT X8 312 are affected by CVE-2013-3620.
How can I fix CVE-2013-3620?
To fix CVE-2013-3620, update the firmware for the affected Supermicro motherboards to version 3.15 (SMT_X9_315) for X9 generation motherboards and version 3.12 (SMT X8 312) for X8 generation motherboards.
Where can I find more information about CVE-2013-3620?
You can find more information about CVE-2013-3620 at the following references: [1] http://support.citrix.com/article/CTX216642, [2] https://community.rapid7.com/community/metasploit/blog/2013/11/05/supermicro-ipmi-firmware-vulnerabilities, [3] https://exchange.xforce.ibmcloud.com/vulnerabilities/89045
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/supermicro
- canonical/supermicro smt x9 firmware
- canonical/supermicro sh7758
- canonical/supermicro smt x8 firmware
- canonical/supermicro sh7757
- vendor/citrix
- canonical/citrix netscaler sdx firmware
- version/citrix netscaler sdx firmware/10
- canonical/citrix netscaler sdx
- canonical/citrix netscaler firmware
- canonical/citrix netscaler
- canonical/citrix netscaler sd-wan firmware
- canonical/citrix netscaler sd-wan