{"containers":{"cna":{"affected":[{"product":"BMC firmware for ASMB9-iKVM","vendor":"ASUS","versions":[{"status":"affected","version":"1.11.12"}]},{"product":"BMC firmware for RS720A-E9-RS24-E","vendor":"ASUS","versions":[{"status":"affected","version":"1.10.3"}]},{"product":"BMC firmware for RS700A-E9-RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.10.0"}]},{"product":"BMC firmware for RS700-E9-RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.09"}]},{"product":"BMC firmware for ESC4000 G4X","vendor":"ASUS","versions":[{"status":"affected","version":"1.11.6"}]},{"product":"BMC firmware for RS700-E9-RS12","vendor":"ASUS","versions":[{"status":"affected","version":"1.11.5"}]},{"product":"BMC firmware for RS100-E10-PI2","vendor":"ASUS","versions":[{"status":"affected","version":"1.13.6"}]},{"product":"BMC firmware for RS300-E10-PS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.13.6"}]},{"product":"BMC firmware for RS300-E10-RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.13.6"}]},{"product":"BMC firmware for RS500A-E9-PS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for RS500A-E9-RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for RS500A-E9 RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for E700 G4","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for WS C422 PRO/SE","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for WS X299 PRO/SE","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for Z11PA-U12","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.1"}]},{"product":"BMC firmware for Z11PA-U12/10G-2S","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.1"}]},{"product":"BMC 
firmware for KNPA-U16","vendor":"ASUS","versions":[{"status":"affected","version":"1.13.4"}]},{"product":"BMC firmware for ESC4000 DHD G4","vendor":"ASUS","versions":[{"status":"affected","version":"1.13.7"}]},{"product":"BMC firmware for ESC4000 G4","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.2"}]},{"product":"BMC firmware for RS720Q-E9-RS24-S","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.0"}]},{"product":"BMC firmware for RS720Q-E9-RS8","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.0"}]},{"product":"BMC firmware for RS720Q-E9-RS8-S","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.0"}]},{"product":"BMC firmware for Z11PA-D8","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for Z11PA-D8C","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.1"}]},{"product":"BMC firmware for RS720-E9-RS24-U","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.3"}]},{"product":"BMC firmware for RS720-E9-RS8-G","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.2"}]},{"product":"BMC firmware for RS500-E9-PS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.4"}]},{"product":"BMC firmware for Pro E800 G4","vendor":"ASUS","versions":[{"status":"affected","version":"1.14.2"}]},{"product":"BMC firmware for RS500-E9-RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.4"}]},{"product":"BMC firmware for RS500-E9-RS4-U","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.4"}]},{"product":"BMC firmware for RS520-E9-RS12-E","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.3"}]},{"product":"BMC firmware for RS520-E9-RS8","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.3"}]},{"product":"BMC firmware for ESC8000 G4","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.4"}]},{"product":"BMC firmware for ESC8000 
G4/10G","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.4"}]},{"product":"BMC firmware for RS720-E9-RS12-E","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.2"}]},{"product":"BMC firmware for WS C621E SAGE","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.1"}]},{"product":"BMC firmware for RS500A-E10-PS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.2"}]},{"product":"BMC firmware for RS500A-E10-RS4","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.2"}]},{"product":"BMC firmware for RS700A-E9-RS12V2","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.1"}]},{"product":"BMC firmware for RS700A-E9-RS4V2","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.1"}]},{"product":"BMC firmware for RS720A-E9-RS12V2","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.2"}]},{"product":"BMC firmware for RS720A-E9-RS24V2","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.1"}]},{"product":"BMC firmware for Z11PR-D16","vendor":"ASUS","versions":[{"status":"affected","version":"1.15.3"}]}],"datePublic":"2021-04-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. 
After obtaining privileged permission, remote attackers can use this vulnerability to abnormally terminate the Web service."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":4.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-120","description":"CWE-120 Buffer Overflow","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-04-06T05:02:10.000Z","orgId":"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e","shortName":"twcert"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/"},{"tags":["x_refsource_MISC"],"url":"https://www.asus.com/tw/support/callus/"},{"tags":["x_refsource_MISC"],"url":"https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html"}],"solutions":[{"lang":"en","value":"Update the BMC firmware to the following versions:\nESC4000 G4X 1.15.6\nRS700-E9-RS12 1.15.4\nRS100-E10-PI2 1.15.3\nRS300-E10-PS4 1.15.3\nRS300-E10-RS4 1.15.3\nRS500A-E9-PS4 1.14.2\nRS500A-E9-RS4 1.14.2\nRS500A-E9 RS4 U 1.14.2\nE700 G4 1.14.2\nWS C422 PRO/SE 1.14.2\nWS X299 PRO/SE 1.14.2\nZ11PA-U12 1.15.2\nKNPA-U16 1.14.5\nESC4000 DHD G4 1.15.2\nESC4000 G4 1.15.6\nRS720Q-E9-RS24-S 1.15.1\nRS720Q-E9-RS8 1.15.1\nRS720Q-E9-RS8-S 1.15.1\nZ11PA-D8 1.15.2\nZ11PA-D8C 1.15.2\nRS720-E9-RS24-U 1.15.5\nRS720-E9-RS8-G 1.15.4\nRS500-E9-PS4 1.15.5\nPro E800 G4 1.15.2\nRS500-E9-RS4 1.15.5\nRS500-E9-RS4-U 1.15.5\nRS520-E9-RS12-E 1.15.4\nRS520-E9-RS8 1.15.4\nESC8000 G4 1.15.5\nESC8000 G4/10G 1.15.5\nRS720-E9-RS12-E 1.15.3\nWS C621E SAGE 1.15.3\nRS500A-E10-PS4 1.15.3\nRS500A-E10-RS4 1.15.3\nRS700A-E9-RS12V2 1.15.3\nRS700A-E9-RS4V2 1.15.3\nRS720A-E9-RS12V2 1.15.3\nRS720A-E9-RS24V2 1.15.3\nZ11PR-D16 
1.15.4"}],"source":{"advisory":"TVN-202103017","discovery":"EXTERNAL"},"title":"ASUS BMC's firmware: buffer overflow - Generate new certificate function","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"AKA":"TWCERT/CC","ASSIGNER":"cve@cert.org.tw","DATE_PUBLIC":"2021-04-06T02:48:00.000Z","ID":"CVE-2021-28190","STATE":"PUBLIC","TITLE":"ASUS BMC's firmware: buffer overflow - Generate new certificate function"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BMC firmware for ASMB9-iKVM","version":{"version_data":[{"version_affected":"=","version_value":"1.11.12"}]}},{"product_name":"BMC firmware for RS720A-E9-RS24-E","version":{"version_data":[{"version_value":"1.10.3"}]}},{"product_name":"BMC firmware for RS700A-E9-RS4","version":{"version_data":[{"version_value":"1.10.0"}]}},{"product_name":"BMC firmware for RS700-E9-RS4","version":{"version_data":[{"version_value":"1.09"}]}},{"product_name":"BMC firmware for ESC4000 G4X","version":{"version_data":[{"version_value":"1.11.6"}]}},{"product_name":"BMC firmware for RS700-E9-RS12","version":{"version_data":[{"version_value":"1.11.5"}]}},{"product_name":"BMC firmware for RS100-E10-PI2","version":{"version_data":[{"version_value":"1.13.6"}]}},{"product_name":"BMC firmware for RS300-E10-PS4","version":{"version_data":[{"version_value":"1.13.6"}]}},{"product_name":"BMC firmware for RS300-E10-RS4","version":{"version_data":[{"version_value":"1.13.6"}]}},{"product_name":"BMC firmware for RS500A-E9-PS4","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for RS500A-E9-RS4","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for RS500A-E9 RS4","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for E700 G4","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for WS C422 
PRO/SE","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for WS X299 PRO/SE","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for Z11PA-U12","version":{"version_data":[{"version_value":"1.15.1"}]}},{"product_name":"BMC firmware for Z11PA-U12/10G-2S","version":{"version_data":[{"version_value":"1.15.1"}]}},{"product_name":"BMC firmware for KNPA-U16","version":{"version_data":[{"version_value":"1.13.4"}]}},{"product_name":"BMC firmware for ESC4000 DHD G4","version":{"version_data":[{"version_value":"1.13.7"}]}},{"product_name":"BMC firmware for ESC4000 G4","version":{"version_data":[{"version_value":"1.15.2"}]}},{"product_name":"BMC firmware for RS720Q-E9-RS24-S","version":{"version_data":[{"version_value":"1.15.0"}]}},{"product_name":"BMC firmware for RS720Q-E9-RS8","version":{"version_data":[{"version_value":"1.15.0"}]}},{"product_name":"BMC firmware for RS720Q-E9-RS8-S","version":{"version_data":[{"version_value":"1.15.0"}]}},{"product_name":"BMC firmware for Z11PA-D8","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for Z11PA-D8C","version":{"version_data":[{"version_value":"1.14.1"}]}},{"product_name":"BMC firmware for RS720-E9-RS24-U","version":{"version_data":[{"version_value":"1.14.3"}]}},{"product_name":"BMC firmware for RS720-E9-RS8-G","version":{"version_data":[{"version_value":"1.15.2"}]}},{"product_name":"BMC firmware for RS500-E9-PS4","version":{"version_data":[{"version_value":"1.15.4"}]}},{"product_name":"BMC firmware for Pro E800 G4","version":{"version_data":[{"version_value":"1.14.2"}]}},{"product_name":"BMC firmware for RS500-E9-RS4","version":{"version_data":[{"version_value":"1.15.4"}]}},{"product_name":"BMC firmware for RS500-E9-RS4-U","version":{"version_data":[{"version_value":"1.15.4"}]}},{"product_name":"BMC firmware for RS520-E9-RS12-E","version":{"version_data":[{"version_value":"1.15.3"}]}},{"product_name":"BMC firmware for 
RS520-E9-RS8","version":{"version_data":[{"version_value":"1.15.3"}]}},{"product_name":"BMC firmware for ESC8000 G4","version":{"version_data":[{"version_value":"1.15.4"}]}},{"product_name":"BMC firmware for ESC8000 G4/10G","version":{"version_data":[{"version_value":"1.15.4"}]}},{"product_name":"BMC firmware for RS720-E9-RS12-E","version":{"version_data":[{"version_value":"1.15.2"}]}},{"product_name":"BMC firmware for WS C621E SAGE","version":{"version_data":[{"version_value":"1.15.1"}]}},{"product_name":"BMC firmware for RS500A-E10-PS4","version":{"version_data":[{"version_value":"1.15.2"}]}},{"product_name":"BMC firmware for RS500A-E10-RS4","version":{"version_data":[{"version_value":"1.15.2"}]}},{"product_name":"BMC firmware for RS700A-E9-RS12V2","version":{"version_data":[{"version_value":"1.15.1"}]}},{"product_name":"BMC firmware for RS700A-E9-RS4V2","version":{"version_data":[{"version_value":"1.15.1"}]}},{"product_name":"BMC firmware for RS720A-E9-RS12V2","version":{"version_data":[{"version_value":"1.15.2"}]}},{"product_name":"BMC firmware for RS720A-E9-RS24V2","version":{"version_data":[{"version_value":"1.15.1"}]}},{"product_name":"BMC firmware for Z11PR-D16","version":{"version_data":[{"version_value":"1.15.3"}]}}]},"vendor_name":"ASUS"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. 
After obtaining privileged permission, remote attackers can use this vulnerability to abnormally terminate the Web service."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":4.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-120 Buffer Overflow"}]}]},"references":{"reference_data":[{"name":"https://www.asus.com/content/ASUS-Product-Security-Advisory/","refsource":"MISC","url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/"},{"name":"https://www.asus.com/tw/support/callus/","refsource":"MISC","url":"https://www.asus.com/tw/support/callus/"},{"name":"https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html","refsource":"MISC","url":"https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html"}]},"solution":[{"lang":"en","value":"Update the BMC firmware to the following versions:\nESC4000 G4X 1.15.6\nRS700-E9-RS12 1.15.4\nRS100-E10-PI2 1.15.3\nRS300-E10-PS4 1.15.3\nRS300-E10-RS4 1.15.3\nRS500A-E9-PS4 1.14.2\nRS500A-E9-RS4 1.14.2\nRS500A-E9 RS4 U 1.14.2\nE700 G4 1.14.2\nWS C422 PRO/SE 1.14.2\nWS X299 PRO/SE 1.14.2\nZ11PA-U12 1.15.2\nKNPA-U16 1.14.5\nESC4000 DHD G4 1.15.2\nESC4000 G4 1.15.6\nRS720Q-E9-RS24-S 1.15.1\nRS720Q-E9-RS8 1.15.1\nRS720Q-E9-RS8-S 1.15.1\nZ11PA-D8 1.15.2\nZ11PA-D8C 1.15.2\nRS720-E9-RS24-U 1.15.5\nRS720-E9-RS8-G 1.15.4\nRS500-E9-PS4 1.15.5\nPro E800 G4 1.15.2\nRS500-E9-RS4 1.15.5\nRS500-E9-RS4-U 1.15.5\nRS520-E9-RS12-E 1.15.4\nRS520-E9-RS8 1.15.4\nESC8000 G4 1.15.5\nESC8000 G4/10G 1.15.5\nRS720-E9-RS12-E 1.15.3\nWS C621E SAGE 1.15.3\nRS500A-E10-PS4 1.15.3\nRS500A-E10-RS4 1.15.3\nRS700A-E9-RS12V2 1.15.3\nRS700A-E9-RS4V2 1.15.3\nRS720A-E9-RS12V2 1.15.3\nRS720A-E9-RS24V2 1.15.3\nZ11PR-D16 
1.15.4"}],"source":{"advisory":"TVN-202103017","discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T21:40:13.334Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.asus.com/content/ASUS-Product-Security-Advisory/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.asus.com/tw/support/callus/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html"}]}]},"cveMetadata":{"assignerOrgId":"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e","assignerShortName":"twcert","cveId":"CVE-2021-28190","datePublished":"2021-04-06T05:02:10.261Z","dateReserved":"2021-03-12T00:00:00.000Z","dateUpdated":"2024-09-16T17:38:41.015Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}