CVE-2013-4786 — Vulnetix

CVE-2013-4786 PUBLISHED CVSS 7.5 HIGH

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.

EPSS 66.93% · 98.6th percentile

Risk Scores

CVSS 3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

66.93%

98.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
oracle	fujitsu_m10_firmware	0
intel	intelligent_platform_management_interface	2.0

Exploit Intelligence

Glibc-Vulnerability-Exploit-CVE-2015-7547 (github-poc)
Glibc-Vulnerability-Exploit-CVE-2015-7547 (github-poc)
Glibc-Vulnerability-Exploit-CVE-2015-7547 (github-poc)
Glibc-Vulnerability-Exploit-CVE-2015-7547 (github-poc)
Glibc-Vulnerability-Exploit-CVE-2015-7547 (github-poc)
Glibc-Vulnerability-Exploit-CVE-2015-7547 (github-poc)
CVE-2015-7547 initial research. (github-poc)
CVE-2015-7547 initial research. (github-poc)
CVE-2015-7547 initial research. (github-poc)
CVE-2015-7547 initial research. (github-poc)

…and 133 more exploits

Timeline

Jul 2, 2013 CVE Published
Jul 2, 2013 PoC Published
Jun 20, 2016 PoC Published
Apr 30, 2017 PoC Published
May 29, 2018 PoC Published
Jul 20, 2018 PoC Published
Aug 15, 2019 PoC Published
Feb 4, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Jul 8, 2023 EPSS Score
Oct 24, 2023 EPSS Score
Mar 25, 2024 EPSS Score

References

Open in Interactive Console →