CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-2955

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1260%
EPSS Percentile43.41th
Published2014年7月14日
Last Modified2026年5月6日

Vulnerability Description

Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Affected Platforms (CPE)

💻
Raritan

Px

<= 1.5.8
💻
Raritan

Px

= 1.0
💻
Raritan

Px

= 1.0.4
💻
Raritan

Px

= 1.1
💻
Raritan

Px

= 1.1.6
💻
Raritan

Px

= 1.2
💻
Raritan

Px

= 1.2.5
💻
Raritan

Px

= 1.2.7
💻
Raritan

Px

= 1.3
💻
Raritan

Px

= 1.3.1
💻
Raritan

Px

= 1.3.5
💻
Raritan

Px

= 1.4.1
💻
Raritan

Px

= 1.5
💻
Raritan

Px

= 1.5.4
💻
Raritan

Px

= 1.5.7
🔌
Raritan

Dpxr20a 16

All versions

References & Advisories

🔗 http://seclists.org/fulldisclosure/2014/Jul/14
🔗 http://www.kb.cert.org/vuls/id/712660
🔗 http://seclists.org/fulldisclosure/2014/Jul/14
🔗 http://www.kb.cert.org/vuls/id/712660

関連する脆弱性情報

CVE-2014-054210.0

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR be...

CVE-2014-054310.0

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR be...

CVE-2014-845610.0

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-937110.0

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a craf...