CVE-2023-34471: Missing Cryptographic Step
First published: Wed Jul 05 2023(Updated: )
AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication.
Credit: biossecurity@ami.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ami Megarac Sp-x | =12 | |
| Ami Megarac Sp-x | =13 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-34471.
What is the severity of CVE-2023-34471?
The severity of CVE-2023-34471 is high with a CVSS score of 8.1.
Which software versions are affected by CVE-2023-34471?
AMI Megarac SP-x version 12 and 13 are affected by CVE-2023-34471.
What is the impact of CVE-2023-34471?
A successful exploit of CVE-2023-34471 may lead to the loss of confidentiality, integrity, and authentication.
Where can I find more information about CVE-2023-34471?
You can find more information about CVE-2023-34471 in the security advisory provided by AMI: [link](https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- vendor/ami
- canonical/ami megarac sp-x
- version/ami megarac sp-x/12
- version/ami megarac sp-x/13