{"containers": {"cna": {"affected": [{"product": "BMC firmware for Z10PR-D16", "vendor": "ASUS", "versions": [{"status": "affected", "version": "1.14.51"}]}, {"product": "BMC firmware for ASMB8-iKVM", "vendor": "ASUS", "versions": [{"status": "affected", "version": "1.14.51"}]}, {"product": "BMC firmware for Z10PE-D16 WS", "vendor": "ASUS", "versions": [{"status": "affected", "version": "1.14.2"}]}], "datePublic": "2021-04-06T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The specific function in ASUS BMC\u2019s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-04-06T05:02:06.000Z", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.asus.com/tw/support/callus/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"}], "solutions": [{"lang": "en", "value": "update BMC's firmwares to the following versions:\nZ10PR-D16 1.16.1\nASMB8-iKVM 1.16.1\nZ10PE-D16 WS 1.16.1"}], "source": {"advisory": "TVN-202103012", "discovery": "EXTERNAL"}, "title": "ASUS BMC's firmware: buffer overflow - ActiveX configuration-1 acquisition", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-04-06T02:48:00.000Z", "ID": "CVE-2021-28185", "STATE": "PUBLIC", "TITLE": "ASUS BMC's firmware: buffer overflow - ActiveX configuration-1 acquisition"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BMC firmware for Z10PR-D16", "version": {"version_data": [{"version_affected": "=", "version_value": "1.14.51"}]}}, {"product_name": "BMC firmware for ASMB8-iKVM", "version": {"version_data": [{"version_affected": "=", "version_value": "1.14.51"}]}}, {"product_name": "BMC firmware for Z10PE-D16 WS", "version": {"version_data": [{"version_affected": "=", "version_value": "1.14.2"}]}}]}, "vendor_name": "ASUS"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The specific function in ASUS BMC\u2019s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-120 Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/", "refsource": "MISC", "url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"}, {"name": "https://www.asus.com/tw/support/callus/", "refsource": "MISC", "url": "https://www.asus.com/tw/support/callus/"}, {"name": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"}]}, "solution": [{"lang": "en", "value": "update BMC's firmwares to the following versions:\nZ10PR-D16 1.16.1\nASMB8-iKVM 1.16.1\nZ10PE-D16 WS 1.16.1"}], "source": {"advisory": "TVN-202103012", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:40:12.204Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.asus.com/tw/support/callus/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"}]}]}, "cveMetadata": {"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-28185", "datePublished": "2021-04-06T05:02:06.544Z", "dateReserved": "2021-03-12T00:00:00.000Z", "dateUpdated": "2024-09-16T22:08:33.875Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*", "matchCriteriaId": "F38D0E80-BD62-46A7-B1CD-6C7045FF7F79", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*", "matchCriteriaId": "A340A0CE-8BD2-420A-814B-5585C08A4CCB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*", "matchCriteriaId": "4D98B9CE-6675-48A4-98A3-6E5DA19A2480", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A2F069D-18EE-49A3-A8EB-3C745425BFFE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B5DB0A7-B863-4AFF-BEB6-6958F921C016", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*", "matchCriteriaId": "51F61A82-6BBE-4758-9789-7CE6FCB9E20D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The specific function in ASUS BMC\u2019s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."}, {"lang": "es", "value": "La funci\u00f3n specific en la p\u00e1gina de administraci\u00f3n Web del firmware de ASUS BMC (Adquisici\u00f3n de configuraci\u00f3n 1 de ActiveX) no verifica la longitud de la cadena introducida por usuarios, resultando en una vulnerabilidad de desbordamiento del b\u00fafer. Al obtener el permiso privilegiado, los atacantes remotos usan la filtraci\u00f3n para finalizar anormalmente el servicio Web"}], "id": "CVE-2021-28185", "lastModified": "2024-11-21T05:59:16.983", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "twcert@cert.org.tw", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-06T05:15:15.393", "references": [{"source": "twcert@cert.org.tw", "tags": ["Vendor Advisory"], "url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"}, {"source": "twcert@cert.org.tw", "tags": ["Vendor Advisory"], "url": "https://www.asus.com/tw/support/callus/"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.asus.com/tw/support/callus/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "twcert@cert.org.tw", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}