Fujitsu iRMC S6 WebUI Redfish Access Vulnerability Due to Username Length

Vulnerability

A vulnerability exists in Fujitsu iRMC S6 on M5 versions prior to 1.37S, where the system improperly manages Redfish and WebUI access based on the length of the username. Specifically, usernames that are exactly 16 characters long can lead to incorrect handling of access permissions.

Impact

This vulnerability could allow for unauthorized access or manipulation of Redfish/WebUI functionalities, potentially leading to broader system misconfigurations or security issues.

Added: Nov 12, 2025, 6:22 PM

Updated: Nov 12, 2025, 6:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fujitsu iRMC S6 WebUI Redfish Access Vulnerability Due to Username Length

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating