CVE-2020-5633

Name of the Vulnerable Software and Affected Versions: NEC Express5800/T110j versions with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier NEC Express5800/T110j-S versions with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier NEC Express5800/T110j (2nd-Gen) versions with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier NEC Express5800/T110j-S (2nd-Gen) versions with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier NEC iStorage NS100Ti versions with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier NEC Express5800/GT110j versions with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier

Description: The issue allows remote attackers to bypass authentication and then obtain or modify Baseboard Management Controller (BMC) setting information, obtain monitoring information, or reboot or shut down the vulnerable product via unspecified vectors.

Recommendations: For NEC Express5800/T110j with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier, update the BMC firmware to a version later than Rev1.09. For NEC Express5800/T110j-S with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier, update the BMC firmware to a version later than Rev1.09. For NEC Express5800/T110j (2nd-Gen) with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier, update the BMC firmware to a version later than Rev1.09. For NEC Express5800/T110j-S (2nd-Gen) with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier, update the BMC firmware to a version later than Rev1.09. For NEC iStorage NS100Ti with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier, update the BMC firmware to a version later than Rev1.09. For NEC Express5800/GT110j with Baseboard Management Controller (BMC) firmware Rev1.09 and earlier, update the BMC firmware to a version later than Rev1.09.