Name of the Vulnerable Software and Affected Versions Supermicro BMC versions (affected versions not specified)

Description The issue is caused by insufficient security restrictions for critical management functions in the virtual media service of Supermicro BMC controllers. This can be exploited by a remote attacker to gain full control over the device by intercepting the authentication packet of a legitimate user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.