SGI SGI BladeStation, SGI BladeCenter, SGI OriginointelXpress(X2), SGI Originointel(M), SGI Originointel (MX), SGI OriginintelXpress(X2) and SGI Originintel(MX). Solution: Upgrade to SGI Utlility v3.3 Hotfix 2 or later. Workarounds: There is no workaround available. Fixed in 3.3.7 Hotfix 2. CVE-2017-12053: Security Feature bypass vulnerability CVE-2017-12053 exists in the SGIUtility component which allows an attacker to bypass the authentication of the hosted application. This could result in malicious code being executed in the context of the application. Affected Products: SGI OriginintelXpress(V2.0); SGI Originintel(V2.0); SGI OriginintelXpress(V2A); SGI Originintel(V2A); SGI OriginintelXpress(V2.1); SGI Originintel(V2.1); SGI OriginintelXpress(V2.2); SGI Originintel(V2.2); SGI OriginintelXpress(V2.3); SGI Originintel(V2.3); SGI OriginintelXpress(V2.4); SGI Originintel(V2.4); SGI OriginintelXpress(V2.5); SGI
Summary
This is a security feature bypass vulnerability in the SGIUtility component which allows an attacker to bypass the authentication of the hosted application. This could result in malicious code being executed in the context of the application.
SGI Originintel Xpress
This release includes a fix for the CVE-2017-12053 vulnerability that was included in the previous release.
The workarounds for this issue are not available.
SGI OriginintelXpress(V2.0)
SGI OriginintelXpress(V2.0) is an Integrated Intelligent Platform solution that includes Unified Visualization Environment (UVE), and a high-performance, multi-core platform with additional software for computer vision and deep learning, high-performance and intelligent storage systems, as well as the open ecosystem of servers and storage solutions from SGI.
Timeline
Published on: 11/04/2022 13:15:00 UTC
Last modified on: 11/08/2022 16:17:00 UTC