CVE-2023-34337: Inadequate Encryption Strength
First published: Wed Jul 05 2023(Updated: )
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Credit: biossecurity@ami.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ami Megarac Sp-x | =12 | |
| Ami Megarac Sp-x | =13 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2023-34337.
What is the title of this vulnerability?
The title of this vulnerability is 'AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength...'.
What is the severity level of CVE-2023-34337?
The severity level of CVE-2023-34337 is high.
What is the affected software of CVE-2023-34337?
The affected software of CVE-2023-34337 is Ami Megarac Sp-x version 12 and version 13.
How can this vulnerability be exploited?
This vulnerability can be exploited by causing an inadequate encryption strength by hash-based message authentication code (HMAC) in the BMC, which may lead to a loss of confidentiality, integrity, and availability.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/references
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/ami
- canonical/ami megarac sp-x
- version/ami megarac sp-x/12
- version/ami megarac sp-x/13