CVE-2023-25192
First published: Wed Feb 15 2023(Updated: )
AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ami Megarac Sp-x | =12 | |
| Ami Megarac Sp-x | =13 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-25192.
What is the severity of CVE-2023-25192?
The severity of CVE-2023-25192 is medium with a CVSS score of 5.3.
What is the affected software?
The affected software is AMI MegaRAC SPX versions 12 and 13.
How can User Enumeration be performed through Redfish in AMI MegaRAC SPX devices?
User Enumeration can be performed through Redfish in AMI MegaRAC SPX devices due to a vulnerability.
How can I fix CVE-2023-25192?
To fix CVE-2023-25192, update to the fixed versions SPx12-update-7.00 or SPx13-update-5.00.
- collector/nvd-index
- agent/severity
- agent/type
- agent/author
- agent/weakness
- agent/event
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ami
- canonical/ami megarac sp-x
- version/ami megarac sp-x/12
- version/ami megarac sp-x/13