CVE-2021-39296 - OpenCVE

In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Openbmc-project	Openbmc

Configuration 1 [-]

cpe:2.3:a:openbmc-project:openbmc:2.9.0:-:*:*:*:*:*:*

References

Link	Resource
https://github.com/google/security-research/security/advisories/GHSA-gg9x-v835-m48q	Exploit Third Party Advisory
https://github.com/openbmc/openbmc	Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-09-09T00:00:00

Updated: 2023-02-14T00:00:00

Reserved: 2021-08-19T00:00:00

Link: CVE-2021-39296

JSON object: View

NVD Information

Status : Modified

Published: 2021-09-09T18:15:09.097

Modified: 2023-02-14T20:15:11.487

Link: CVE-2021-39296

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openbmc-project:openbmc:2.9.0:-:*:*:*:*:*:*", "matchCriteriaId": "FCEA7190-90D4-4D7A-8DE1-7E4299EC0488", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system."}, {"lang": "es", "value": "En OpenBMC versi\u00f3n 2.9, los mensajes IPMI dise\u00f1ados permiten a un atacante omitir la autenticaci\u00f3n y conseguir el control total del sistema"}], "id": "CVE-2021-39296", "lastModified": "2023-02-14T20:15:11.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-09T18:15:09.097", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/google/security-research/security/advisories/GHSA-gg9x-v835-m48q"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/openbmc/openbmc"}, {"source": "cve@mitre.org", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}