CVE-2013-3622

Name of the Vulnerable Software and Affected Versions Supermicro X9 generation motherboards with firmware before 3.15 (SMT X9 315)

Description The issue is related to a buffer overflow in the logout.cgi file within the Intelligent Platform Management Interface (IPMI) that can be exploited by remote authenticated users to execute arbitrary code. This is achieved by manipulating the SID parameter.

Recommendations For Supermicro X9 generation motherboards with firmware before 3.15 (SMT X9 315), update the firmware to version 3.15 (SMT X9 315) or later to resolve the issue. As a temporary workaround, consider restricting access to the logout.cgi file until the update is applied. Avoid using the SID parameter in the logout.cgi file until the firmware is updated.