CVE-2013-3623

Name of the Vulnerable Software and Affected Versions Supermicro X9 generation motherboards with firmware before 3.15 (SMT X9 315)

Description The issue is related to multiple stack-based buffer overflows in the cgi/close window.cgi file within the web interface of the Intelligent Platform Management Interface (IPMI). This can be exploited by remote attackers to execute arbitrary code via the sess sid or ACT parameters.

Recommendations For Supermicro X9 generation motherboards with firmware before 3.15 (SMT X9 315), update the firmware to version 3.15 (SMT X9 315) or later to resolve the issue. As a temporary workaround, consider restricting access to the cgi/close window.cgi file in the web interface to minimize the risk of exploitation. Avoid using the sess sid and ACT parameters in the affected API endpoint until the issue is resolved.