We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-54085

Redfish Authentication Bypass



Description

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

Reserved 2024-11-28 | Published 2025-03-11 | Updated 2025-03-11 | Assigner AMI


CRITICAL: 10.0CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-290 Authentication Bypass by Spoofing

Product status

Default status
unaffected

12.0 before 12.7
affected

13.0 before 13.5
affected

References

go.ami.com/hubfs/Security Advisories/2025/AMI-SA-2025003.pdf

cve.org (CVE-2024-54085)

nvd.nist.gov (CVE-2024-54085)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-54085

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.