CVE-2021-26733 The FirstReset_handler_func function in spx_restservice has a broken access control vulnerability that allows an attacker to send reboot commands and cause a DoS.


Standard firmware version 1.10.0 is affected by this issue. Fix: spx_restservice was updated in standard firmware version 1.10.1 to address a Denial-of-Service (DoS) condition in the FirstReset_handler_func function; Lanner classifies the issue as Broken Access Control. No workaround short of updating is listed. What to do next? Update the BMC to standard firmware version 1.10.1 or later.
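The flaw described above is a reboot endpoint that acts before checking who is asking. The following is an added example, written for this page and not code from Lanner's or AMI's spx_restservice, that models the vulnerable handler shape beside a hardened one. The session table, token values, privilege levels and the `first_reset_*` function names are all assumptions for illustration; the real handler's signature and internals are not on the page. The reboot is recorded in a counter instead of being issued.

```c
/* Added example (hypothetical): an unauthenticated reboot handler
 * beside one that authenticates and authorises before acting.
 * Not the real spx_restservice code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum priv { PRIV_NONE = 0, PRIV_USER = 1, PRIV_ADMIN = 2 };

/* Constructed session table standing in for the BMC's session store. */
struct session { const char *token; enum priv priv; };
static const struct session sessions[] = {
    { "adm-3f9a", PRIV_ADMIN },
    { "usr-7c21", PRIV_USER },
};

/* Side effect is recorded instead of actually rebooting the BMC. */
static int reboot_count = 0;
static void bmc_reboot(void) { reboot_count++; }
int reboot_count_get(void) { return reboot_count; }
void reboot_count_reset(void) { reboot_count = 0; }

/* Compare every shared byte instead of stopping at the first mismatch,
 * so the position of a wrong byte is not exposed through timing. */
static bool token_equal(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b);
    unsigned char diff = (unsigned char)((la ^ lb) != 0);
    for (size_t i = 0; i < la && i < lb; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Map a presented session token (NULL when no cookie) to a privilege. */
static enum priv lookup_session(const char *token) {
    if (token == NULL) return PRIV_NONE;
    for (size_t i = 0; i < sizeof sessions / sizeof sessions[0]; i++)
        if (token_equal(sessions[i].token, token)) return sessions[i].priv;
    return PRIV_NONE;
}

/* Vulnerable shape: the reboot is issued without inspecting the caller.
 * Returns an HTTP-style status code. */
int first_reset_unchecked(const char *token) {
    (void)token;            /* never consulted: this is the bug */
    bmc_reboot();
    return 200;
}

/* Hardened shape: authenticate, then authorise, then act. */
int first_reset_checked(const char *token) {
    enum priv p = lookup_session(token);
    if (p == PRIV_NONE) return 401;   /* no valid session */
    if (p < PRIV_ADMIN)  return 403;  /* valid session, insufficient role */
    bmc_reboot();
    return 200;
}

int main(void) {
    const char *callers[] = { NULL, "usr-7c21", "adm-3f9a", "bogus" };
    for (size_t i = 0; i < 4; i++) {
        const char *t = callers[i] ? callers[i] : "(no session)";
        printf("%-12s unchecked=%d checked=%d\n", t,
               first_reset_unchecked(callers[i]),
               first_reset_checked(callers[i]));
    }
    printf("reboots issued: %d\n", reboot_count_get());
    return 0;
}
```

The point the example makes is that the unchecked handler returns 200 and reboots for every caller, including one with no session at all, which is exactly the unauthenticated DoS the advisory describes; the checked handler refuses with 401 or 403 and only an administrator session reaches bmc_reboot().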

CVE-2018-2122 spx_restservice is vulnerable to a Sybil attack because it performs no authentication verification. What to do next? Update the BMC to the latest available firmware.

CVE-2018-2121 Multiple issues exist in the spx_restservice that could allow an attacker to remotely execute commands on the BMC. What to do next? Update the BMC to the latest available firmware.

CVE-2018-2119 The spx_restservice sends the administrator’s login information in the spx_batt_info parameter. What to do next? Ensure that the login information is not sent in the spx_batt_info parameter.

CVE-2018-2118 The spx_restservice sends the administrator’s password in the spx_restservice_password parameter. What to do next

Patching for Vulnerable Firmware Instance

The fix ships in the firmware itself: update the BMC to standard firmware version 1.10.1 or later, which carries the corrected spx_restservice. No separate patch or workaround is listed.
