Approved changes feed: RSS · Atom

cpe:2.3:h:tyan:s5552\/s5552wgm4nr:-:*:*:*:*:*:*:*

part: h version: - update: *

VendorTyan (84c0b68a-730f-5945-962e-f654af81125d)
ProductS5552/S5552Wgm4Nr (16e6ab0a-0227-5560-a37a-3df364c19498)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-2538 not_vulnerable 2026-06-08 06:02:42.493481 TLS Private Key Accessible to External Parties
MEDIUM (5.8)
A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. This can then be abused to perform Man-in-the-Middle (MitM) attacks against victims that access the web interface through HTTPS.
Published: 2023-07-05T12:11:53.397Z
Updated: 2024-10-24T19:21:16.864Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.