CVE-2023-34471

Summary

AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication.

Affected Software

VendorProductVersion RangeStatus
AMIMegaRAC_SPx12 < 12.2affected

Weaknesses

  • CWE-325: CWE-325 "Missing Cryptographic Step”

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References