Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen), Express5800/T110j-S (2nd-Gen), iStorage NS100Ti, and Express5800/GT110j) where Baseboard Management Controller (BMC) firmware Rev1.09 and earlier is applied allows remote attackers to bypass authentication and then obtain/modify BMC setting information, obtain monitoring information, or reboot/shut down the vulnerable product via unspecified vectors.
References
Link | Resource |
---|---|
https://jpn.nec.com/security-info/secinfo/nv21-002.html | Vendor Advisory |
https://jvn.jp/en/jp/JVN38752718/index.html | Third Party Advisory |
https://www.support.nec.co.jp/View.aspx?id=9010108754 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Jan 2021, 19:00
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://jvn.jp/en/jp/JVN38752718/index.html - Third Party Advisory | |
References | (MISC) https://www.support.nec.co.jp/View.aspx?id=9010108754 - Vendor Advisory | |
References | (MISC) https://jpn.nec.com/security-info/secinfo/nv21-002.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 9.0
v3 : 9.8 |
CWE | CWE-287 | |
CPE | cpe:2.3:h:nec:express5800\/t110j-s:-:*:*:*:*:*:*:* cpe:2.3:h:nec:express5800\/t110j:-:*:*:*:*:*:*:* cpe:2.3:o:nec:baseboard_management_controller:*:*:*:*:*:*:*:* cpe:2.3:h:nec:express5800\/gt110j:-:*:*:*:*:*:*:* cpe:2.3:h:nec:express5800\/t110j-s_\(2nd-gen\):-:*:*:*:*:*:*:* cpe:2.3:h:nec:istorage_ns100ti:-:*:*:*:*:*:*:* cpe:2.3:h:nec:express5800\/t110j_\(2nd-gen\):-:*:*:*:*:*:*:* |
13 Jan 2021, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-13 10:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-5633
Mitre link : CVE-2020-5633
CVE.ORG link : CVE-2020-5633
JSON object : View
Products Affected
nec
- express5800\/t110j
- baseboard_management_controller
- istorage_ns100ti
- express5800\/t110j_\(2nd-gen\)
- express5800\/gt110j
- express5800\/t110j-s
- express5800\/t110j-s_\(2nd-gen\)
CWE
CWE-287
Improper Authentication