Tyan S5552/S5552GM4NR Firmware 3.0.0
Approved changes feed: RSS · Atom
cpe:2.3:o:tyan:s5552\/s5552gm4nr_firmware:3.0.0:*:*:*:*:*:*:*
part: o version: 3.0.0 update: *
| Vendor | Tyan (84c0b68a-730f-5945-962e-f654af81125d) |
|---|---|
| Product | S5552/S5552Gm4Nr Firmware (6cbffd69-146d-52d0-a227-2049075d967f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-2538 |
vulnerable | 2026-06-08 06:02:42.494099 |
TLS Private Key Accessible to External Parties
MEDIUM (5.8)
A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. This can then be abused to perform Man-in-the-Middle (MitM) attacks against victims that access the web interface through HTTPS.
Published: 2023-07-05T12:11:53.397Z
Updated: 2024-10-24T19:21:16.864Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.