Vulnerabilites related to intel - r1000wf
Vulnerability from fkie_nvd
Published
2021-02-19 16:15
Modified
2024-11-21 04:59
Severity ?
Summary
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | bmc_firmware | * | |
| intel | hns2600bpb | - | |
| intel | hns2600bpb24 | - | |
| intel | hns2600bpb24r | - | |
| intel | hns2600bpblc | - | |
| intel | hns2600bpblc24 | - | |
| intel | hns2600bpblc24r | - | |
| intel | hns2600bpbr | - | |
| intel | hns2600bpq | - | |
| intel | hns2600bpq24 | - | |
| intel | hns2600bpq24r | - | |
| intel | hns2600bpqr | - | |
| intel | hns2600bps | - | |
| intel | hns2600bps24 | - | |
| intel | hns2600bps24r | - | |
| intel | hns2600bpsr | - | |
| intel | r1000wf | - | |
| intel | r1208wfqysr | - | |
| intel | r1208wftys | - | |
| intel | r1208wftysr | - | |
| intel | r1304wf0ys | - | |
| intel | r1304wf0ysr | - | |
| intel | r1304wftys | - | |
| intel | r1304wftysr | - | |
| intel | r2208wf0zs | - | |
| intel | r2208wf0zsr | - | |
| intel | r2208wfqzs | - | |
| intel | r2208wfqzsr | - | |
| intel | r2208wftzs | - | |
| intel | r2208wftzsr | - | |
| intel | r2224wfqzs | - | |
| intel | r2224wftzs | - | |
| intel | r2224wftzsr | - | |
| intel | r2308wftzs | - | |
| intel | r2308wftzsr | - | |
| intel | r2312wf0np | - | |
| intel | r2312wf0npr | - | |
| intel | r2312wfqzs | - | |
| intel | r2312wftzs | - | |
| intel | r2312wftzsr | - | |
| intel | s2600bpbr | - | |
| intel | s2600bpqr | - | |
| intel | s2600bpsr | - | |
| intel | s2600stb | - | |
| intel | s2600stq | - | |
| intel | s2600wf0 | - | |
| intel | s2600wfq | - | |
| intel | s2600wft | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CF9AD6-8F14-40FC-8657-8BC57B595ED2", versionEndExcluding: "2.47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*", matchCriteriaId: "7F002684-C456-40F0-AA2A-97C79AE5EECA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*", matchCriteriaId: "796E437A-B972-4D30-B0A4-53366693C7DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC284-540E-492A-A0E6-A193DEAD3102", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*", matchCriteriaId: "5CC9E77D-DDB7-41AB-8728-9782336C167B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*", matchCriteriaId: "24786B0E-36AC-4DBD-8778-DC836CF81CB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*", matchCriteriaId: "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*", matchCriteriaId: "0431FDBE-4A58-40B1-B635-225E5B9EDBBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EADDC0-0AAE-4445-9764-1C54E3898FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*", matchCriteriaId: "E09B1290-FAD0-4869-A1FA-A4D12BB602CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*", matchCriteriaId: "86739A74-AE8B-4699-8C1B-AC5D30C4FA50", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "CD891C11-B432-4B87-96BE-7C8BFA76E801", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*", matchCriteriaId: "85763067-E9E5-4418-A51F-FF3DD3710F9B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DD69C7-9E7C-4569-9971-A06F77028BB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "3506908A-8081-4ADA-A986-E02415956AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*", matchCriteriaId: "0DEF6206-E94C-4C16-8D91-AD776D62F79F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "0A47AC30-315C-4E4B-BBBB-305FA5131281", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "48054F35-53C1-4480-86E2-CB8260DD84B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*", matchCriteriaId: "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*", matchCriteriaId: "8029A5F9-E999-4BA9-AA77-14A73B83454E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "3B83196F-06BD-41D6-A6B8-C7ABD25CA238", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "30E49457-D38D-4145-81F2-7FA4D463CD24", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "13C6540A-C5E4-46E5-BB7C-E4C53904AE68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "D952C1D5-581F-4ADC-8DB5-3682DC8588CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "F3183B56-D5BB-4010-B2EE-3427D796D2A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*", matchCriteriaId: "98B6DF59-DF1E-4D9C-B574-37DC398B16AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*", matchCriteriaId: "931E4D81-FAF0-4BFF-92E0-D5F653C5E845", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "6982CB5F-4448-48D4-BD3A-782874AB2304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "B14E3D1D-B614-458D-8F78-E25CC89B311E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "81818501-4F4A-4CED-895D-84D6DC139811", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "68606D69-C913-492A-A00E-3D899AB42595", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "9D292D7D-1E22-440F-B30C-3C580AFE91C9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "C89B4E6B-B742-4BCA-9547-B1C6059C6671", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*", matchCriteriaId: "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDFAF1C-E386-4F35-8A81-492713F10A92", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*", matchCriteriaId: "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*", matchCriteriaId: "F105271A-9DC1-42CE-9D19-E4A55BE1F04E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*", matchCriteriaId: "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Un desbordamiento del búfer en el firmware de BMC para algunas Intel® Server Boards, Server Systems y Compute Modules versiones anteriores a 2.47, puede permitir a un usuario con privilegios habilitar potencialmente una escalada de privilegios por medio de un acceso local", }, ], id: "CVE-2020-12374", lastModified: "2024-11-21T04:59:36.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-19T16:15:12.657", references: [ { source: "secure@intel.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-17 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | bmc_firmware | * | |
| intel | hns2600bpb | - | |
| intel | hns2600bpb24 | - | |
| intel | hns2600bpb24r | - | |
| intel | hns2600bpblc | - | |
| intel | hns2600bpblc24 | - | |
| intel | hns2600bpblc24r | - | |
| intel | hns2600bpbr | - | |
| intel | hns2600bpq | - | |
| intel | hns2600bpq24 | - | |
| intel | hns2600bpq24r | - | |
| intel | hns2600bpqr | - | |
| intel | hns2600bps | - | |
| intel | hns2600bps24 | - | |
| intel | hns2600bps24r | - | |
| intel | hns2600bpsr | - | |
| intel | r1000wf | - | |
| intel | r1208wfqysr | - | |
| intel | r1208wftys | - | |
| intel | r1208wftysr | - | |
| intel | r1304wf0ys | - | |
| intel | r1304wf0ysr | - | |
| intel | r1304wftys | - | |
| intel | r1304wftysr | - | |
| intel | r2208wf0zs | - | |
| intel | r2208wf0zsr | - | |
| intel | r2208wfqzs | - | |
| intel | r2208wfqzsr | - | |
| intel | r2208wftzs | - | |
| intel | r2208wftzsr | - | |
| intel | r2224wfqzs | - | |
| intel | r2224wftzs | - | |
| intel | r2224wftzsr | - | |
| intel | r2308wftzs | - | |
| intel | r2308wftzsr | - | |
| intel | r2312wf0np | - | |
| intel | r2312wf0npr | - | |
| intel | r2312wfqzs | - | |
| intel | r2312wftzs | - | |
| intel | r2312wftzsr | - | |
| intel | s2600bpbr | - | |
| intel | s2600bpqr | - | |
| intel | s2600bpsr | - | |
| intel | s2600stb | - | |
| intel | s2600stq | - | |
| intel | s2600wf0 | - | |
| intel | s2600wfq | - | |
| intel | s2600wft | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CF9AD6-8F14-40FC-8657-8BC57B595ED2", versionEndExcluding: "2.47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*", matchCriteriaId: "7F002684-C456-40F0-AA2A-97C79AE5EECA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*", matchCriteriaId: "796E437A-B972-4D30-B0A4-53366693C7DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC284-540E-492A-A0E6-A193DEAD3102", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*", matchCriteriaId: "5CC9E77D-DDB7-41AB-8728-9782336C167B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*", matchCriteriaId: "24786B0E-36AC-4DBD-8778-DC836CF81CB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*", matchCriteriaId: "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*", matchCriteriaId: "0431FDBE-4A58-40B1-B635-225E5B9EDBBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EADDC0-0AAE-4445-9764-1C54E3898FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*", matchCriteriaId: "E09B1290-FAD0-4869-A1FA-A4D12BB602CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*", matchCriteriaId: "86739A74-AE8B-4699-8C1B-AC5D30C4FA50", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "CD891C11-B432-4B87-96BE-7C8BFA76E801", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*", matchCriteriaId: "85763067-E9E5-4418-A51F-FF3DD3710F9B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DD69C7-9E7C-4569-9971-A06F77028BB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "3506908A-8081-4ADA-A986-E02415956AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*", matchCriteriaId: "0DEF6206-E94C-4C16-8D91-AD776D62F79F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "0A47AC30-315C-4E4B-BBBB-305FA5131281", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "48054F35-53C1-4480-86E2-CB8260DD84B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*", matchCriteriaId: "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*", matchCriteriaId: "8029A5F9-E999-4BA9-AA77-14A73B83454E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "3B83196F-06BD-41D6-A6B8-C7ABD25CA238", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "30E49457-D38D-4145-81F2-7FA4D463CD24", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "13C6540A-C5E4-46E5-BB7C-E4C53904AE68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "D952C1D5-581F-4ADC-8DB5-3682DC8588CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "F3183B56-D5BB-4010-B2EE-3427D796D2A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*", matchCriteriaId: "98B6DF59-DF1E-4D9C-B574-37DC398B16AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*", matchCriteriaId: "931E4D81-FAF0-4BFF-92E0-D5F653C5E845", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "6982CB5F-4448-48D4-BD3A-782874AB2304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "B14E3D1D-B614-458D-8F78-E25CC89B311E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "81818501-4F4A-4CED-895D-84D6DC139811", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "68606D69-C913-492A-A00E-3D899AB42595", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "9D292D7D-1E22-440F-B30C-3C580AFE91C9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "C89B4E6B-B742-4BCA-9547-B1C6059C6671", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*", matchCriteriaId: "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDFAF1C-E386-4F35-8A81-492713F10A92", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*", matchCriteriaId: "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*", matchCriteriaId: "F105271A-9DC1-42CE-9D19-E4A55BE1F04E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*", matchCriteriaId: "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una lectura fuera de límites del firmware BMC para algunos Intel® Server Boards, Server Systems and Compute Modules versiones anteriores a 2.47, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local", }, ], id: "CVE-2020-12380", lastModified: "2024-11-21T04:59:36.710", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-17T14:15:15.937", references: [ { source: "secure@intel.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-17 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | bmc_firmware | * | |
| intel | hns2600bpb | - | |
| intel | hns2600bpb24 | - | |
| intel | hns2600bpb24r | - | |
| intel | hns2600bpblc | - | |
| intel | hns2600bpblc24 | - | |
| intel | hns2600bpblc24r | - | |
| intel | hns2600bpbr | - | |
| intel | hns2600bpq | - | |
| intel | hns2600bpq24 | - | |
| intel | hns2600bpq24r | - | |
| intel | hns2600bpqr | - | |
| intel | hns2600bps | - | |
| intel | hns2600bps24 | - | |
| intel | hns2600bps24r | - | |
| intel | hns2600bpsr | - | |
| intel | r1000wf | - | |
| intel | r1208wfqysr | - | |
| intel | r1208wftys | - | |
| intel | r1208wftysr | - | |
| intel | r1304wf0ys | - | |
| intel | r1304wf0ysr | - | |
| intel | r1304wftys | - | |
| intel | r1304wftysr | - | |
| intel | r2208wf0zs | - | |
| intel | r2208wf0zsr | - | |
| intel | r2208wfqzs | - | |
| intel | r2208wfqzsr | - | |
| intel | r2208wftzs | - | |
| intel | r2208wftzsr | - | |
| intel | r2224wfqzs | - | |
| intel | r2224wftzs | - | |
| intel | r2224wftzsr | - | |
| intel | r2308wftzs | - | |
| intel | r2308wftzsr | - | |
| intel | r2312wf0np | - | |
| intel | r2312wf0npr | - | |
| intel | r2312wfqzs | - | |
| intel | r2312wftzs | - | |
| intel | r2312wftzsr | - | |
| intel | s2600bpbr | - | |
| intel | s2600bpqr | - | |
| intel | s2600bpsr | - | |
| intel | s2600stb | - | |
| intel | s2600stq | - | |
| intel | s2600wf0 | - | |
| intel | s2600wfq | - | |
| intel | s2600wft | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CF9AD6-8F14-40FC-8657-8BC57B595ED2", versionEndExcluding: "2.47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*", matchCriteriaId: "7F002684-C456-40F0-AA2A-97C79AE5EECA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*", matchCriteriaId: "796E437A-B972-4D30-B0A4-53366693C7DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC284-540E-492A-A0E6-A193DEAD3102", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*", matchCriteriaId: "5CC9E77D-DDB7-41AB-8728-9782336C167B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*", matchCriteriaId: "24786B0E-36AC-4DBD-8778-DC836CF81CB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*", matchCriteriaId: "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*", matchCriteriaId: "0431FDBE-4A58-40B1-B635-225E5B9EDBBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EADDC0-0AAE-4445-9764-1C54E3898FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*", matchCriteriaId: "E09B1290-FAD0-4869-A1FA-A4D12BB602CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*", matchCriteriaId: "86739A74-AE8B-4699-8C1B-AC5D30C4FA50", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "CD891C11-B432-4B87-96BE-7C8BFA76E801", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*", matchCriteriaId: "85763067-E9E5-4418-A51F-FF3DD3710F9B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DD69C7-9E7C-4569-9971-A06F77028BB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "3506908A-8081-4ADA-A986-E02415956AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*", matchCriteriaId: "0DEF6206-E94C-4C16-8D91-AD776D62F79F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "0A47AC30-315C-4E4B-BBBB-305FA5131281", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "48054F35-53C1-4480-86E2-CB8260DD84B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*", matchCriteriaId: "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*", matchCriteriaId: "8029A5F9-E999-4BA9-AA77-14A73B83454E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "3B83196F-06BD-41D6-A6B8-C7ABD25CA238", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "30E49457-D38D-4145-81F2-7FA4D463CD24", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "13C6540A-C5E4-46E5-BB7C-E4C53904AE68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "D952C1D5-581F-4ADC-8DB5-3682DC8588CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "F3183B56-D5BB-4010-B2EE-3427D796D2A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*", matchCriteriaId: "98B6DF59-DF1E-4D9C-B574-37DC398B16AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*", matchCriteriaId: "931E4D81-FAF0-4BFF-92E0-D5F653C5E845", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "6982CB5F-4448-48D4-BD3A-782874AB2304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "B14E3D1D-B614-458D-8F78-E25CC89B311E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "81818501-4F4A-4CED-895D-84D6DC139811", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "68606D69-C913-492A-A00E-3D899AB42595", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "9D292D7D-1E22-440F-B30C-3C580AFE91C9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "C89B4E6B-B742-4BCA-9547-B1C6059C6671", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*", matchCriteriaId: "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDFAF1C-E386-4F35-8A81-492713F10A92", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*", matchCriteriaId: "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*", matchCriteriaId: "F105271A-9DC1-42CE-9D19-E4A55BE1F04E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*", matchCriteriaId: "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.", }, { lang: "es", value: "Un uso de una clave embebida en el firmware BMC para algunos Intel® Server Boards, Server Systems and Compute Modules versiones anteriores a 2.47, puede permitir que el usuario autenticado habilitar potencialmente una divulgación de información por medio de un acceso local", }, ], id: "CVE-2020-12376", lastModified: "2024-11-21T04:59:36.473", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-17T14:15:15.810", references: [ { source: "secure@intel.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-17 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | bmc_firmware | * | |
| intel | hns2600bpb | - | |
| intel | hns2600bpb24 | - | |
| intel | hns2600bpb24r | - | |
| intel | hns2600bpblc | - | |
| intel | hns2600bpblc24 | - | |
| intel | hns2600bpblc24r | - | |
| intel | hns2600bpbr | - | |
| intel | hns2600bpq | - | |
| intel | hns2600bpq24 | - | |
| intel | hns2600bpq24r | - | |
| intel | hns2600bpqr | - | |
| intel | hns2600bps | - | |
| intel | hns2600bps24 | - | |
| intel | hns2600bps24r | - | |
| intel | hns2600bpsr | - | |
| intel | r1000wf | - | |
| intel | r1208wfqysr | - | |
| intel | r1208wftys | - | |
| intel | r1208wftysr | - | |
| intel | r1304wf0ys | - | |
| intel | r1304wf0ysr | - | |
| intel | r1304wftys | - | |
| intel | r1304wftysr | - | |
| intel | r2208wf0zs | - | |
| intel | r2208wf0zsr | - | |
| intel | r2208wfqzs | - | |
| intel | r2208wfqzsr | - | |
| intel | r2208wftzs | - | |
| intel | r2208wftzsr | - | |
| intel | r2224wfqzs | - | |
| intel | r2224wftzs | - | |
| intel | r2224wftzsr | - | |
| intel | r2308wftzs | - | |
| intel | r2308wftzsr | - | |
| intel | r2312wf0np | - | |
| intel | r2312wf0npr | - | |
| intel | r2312wfqzs | - | |
| intel | r2312wftzs | - | |
| intel | r2312wftzsr | - | |
| intel | s2600bpbr | - | |
| intel | s2600bpqr | - | |
| intel | s2600bpsr | - | |
| intel | s2600stb | - | |
| intel | s2600stq | - | |
| intel | s2600wf0 | - | |
| intel | s2600wfq | - | |
| intel | s2600wft | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CF9AD6-8F14-40FC-8657-8BC57B595ED2", versionEndExcluding: "2.47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*", matchCriteriaId: "7F002684-C456-40F0-AA2A-97C79AE5EECA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*", matchCriteriaId: "796E437A-B972-4D30-B0A4-53366693C7DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC284-540E-492A-A0E6-A193DEAD3102", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*", matchCriteriaId: "5CC9E77D-DDB7-41AB-8728-9782336C167B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*", matchCriteriaId: "24786B0E-36AC-4DBD-8778-DC836CF81CB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*", matchCriteriaId: "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*", matchCriteriaId: "0431FDBE-4A58-40B1-B635-225E5B9EDBBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EADDC0-0AAE-4445-9764-1C54E3898FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*", matchCriteriaId: "E09B1290-FAD0-4869-A1FA-A4D12BB602CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*", matchCriteriaId: "86739A74-AE8B-4699-8C1B-AC5D30C4FA50", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "CD891C11-B432-4B87-96BE-7C8BFA76E801", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*", matchCriteriaId: "85763067-E9E5-4418-A51F-FF3DD3710F9B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DD69C7-9E7C-4569-9971-A06F77028BB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "3506908A-8081-4ADA-A986-E02415956AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*", matchCriteriaId: "0DEF6206-E94C-4C16-8D91-AD776D62F79F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "0A47AC30-315C-4E4B-BBBB-305FA5131281", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "48054F35-53C1-4480-86E2-CB8260DD84B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*", matchCriteriaId: "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*", matchCriteriaId: "8029A5F9-E999-4BA9-AA77-14A73B83454E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "3B83196F-06BD-41D6-A6B8-C7ABD25CA238", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "30E49457-D38D-4145-81F2-7FA4D463CD24", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "13C6540A-C5E4-46E5-BB7C-E4C53904AE68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "D952C1D5-581F-4ADC-8DB5-3682DC8588CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "F3183B56-D5BB-4010-B2EE-3427D796D2A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*", matchCriteriaId: "98B6DF59-DF1E-4D9C-B574-37DC398B16AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*", matchCriteriaId: "931E4D81-FAF0-4BFF-92E0-D5F653C5E845", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "6982CB5F-4448-48D4-BD3A-782874AB2304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "B14E3D1D-B614-458D-8F78-E25CC89B311E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "81818501-4F4A-4CED-895D-84D6DC139811", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "68606D69-C913-492A-A00E-3D899AB42595", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "9D292D7D-1E22-440F-B30C-3C580AFE91C9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "C89B4E6B-B742-4BCA-9547-B1C6059C6671", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*", matchCriteriaId: "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDFAF1C-E386-4F35-8A81-492713F10A92", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*", matchCriteriaId: "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*", matchCriteriaId: "F105271A-9DC1-42CE-9D19-E4A55BE1F04E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*", matchCriteriaId: "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una comprobación insuficiente de la entrada en el firmware de BMC para algunos Intel® Server Boards, Server Systems and Compute Modules versiones anteriores a 2.47, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local", }, ], id: "CVE-2020-12377", lastModified: "2024-11-21T04:59:36.580", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-17T14:15:15.857", references: [ { source: "secure@intel.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-17 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | bmc_firmware | * | |
| intel | hns2600bpb | - | |
| intel | hns2600bpb24 | - | |
| intel | hns2600bpb24r | - | |
| intel | hns2600bpblc | - | |
| intel | hns2600bpblc24 | - | |
| intel | hns2600bpblc24r | - | |
| intel | hns2600bpbr | - | |
| intel | hns2600bpq | - | |
| intel | hns2600bpq24 | - | |
| intel | hns2600bpq24r | - | |
| intel | hns2600bpqr | - | |
| intel | hns2600bps | - | |
| intel | hns2600bps24 | - | |
| intel | hns2600bps24r | - | |
| intel | hns2600bpsr | - | |
| intel | r1000wf | - | |
| intel | r1208wfqysr | - | |
| intel | r1208wftys | - | |
| intel | r1208wftysr | - | |
| intel | r1304wf0ys | - | |
| intel | r1304wf0ysr | - | |
| intel | r1304wftys | - | |
| intel | r1304wftysr | - | |
| intel | r2208wf0zs | - | |
| intel | r2208wf0zsr | - | |
| intel | r2208wfqzs | - | |
| intel | r2208wfqzsr | - | |
| intel | r2208wftzs | - | |
| intel | r2208wftzsr | - | |
| intel | r2224wfqzs | - | |
| intel | r2224wftzs | - | |
| intel | r2224wftzsr | - | |
| intel | r2308wftzs | - | |
| intel | r2308wftzsr | - | |
| intel | r2312wf0np | - | |
| intel | r2312wf0npr | - | |
| intel | r2312wfqzs | - | |
| intel | r2312wftzs | - | |
| intel | r2312wftzsr | - | |
| intel | s2600bpbr | - | |
| intel | s2600bpqr | - | |
| intel | s2600bpsr | - | |
| intel | s2600stb | - | |
| intel | s2600stq | - | |
| intel | s2600wf0 | - | |
| intel | s2600wfq | - | |
| intel | s2600wft | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CF9AD6-8F14-40FC-8657-8BC57B595ED2", versionEndExcluding: "2.47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*", matchCriteriaId: "7F002684-C456-40F0-AA2A-97C79AE5EECA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*", matchCriteriaId: "796E437A-B972-4D30-B0A4-53366693C7DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC284-540E-492A-A0E6-A193DEAD3102", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*", matchCriteriaId: "5CC9E77D-DDB7-41AB-8728-9782336C167B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*", matchCriteriaId: "24786B0E-36AC-4DBD-8778-DC836CF81CB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*", matchCriteriaId: "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*", matchCriteriaId: "0431FDBE-4A58-40B1-B635-225E5B9EDBBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EADDC0-0AAE-4445-9764-1C54E3898FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*", matchCriteriaId: "E09B1290-FAD0-4869-A1FA-A4D12BB602CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*", matchCriteriaId: "86739A74-AE8B-4699-8C1B-AC5D30C4FA50", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "CD891C11-B432-4B87-96BE-7C8BFA76E801", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*", matchCriteriaId: "85763067-E9E5-4418-A51F-FF3DD3710F9B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DD69C7-9E7C-4569-9971-A06F77028BB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "3506908A-8081-4ADA-A986-E02415956AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*", matchCriteriaId: "0DEF6206-E94C-4C16-8D91-AD776D62F79F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "0A47AC30-315C-4E4B-BBBB-305FA5131281", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "48054F35-53C1-4480-86E2-CB8260DD84B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*", matchCriteriaId: "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*", matchCriteriaId: "8029A5F9-E999-4BA9-AA77-14A73B83454E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "3B83196F-06BD-41D6-A6B8-C7ABD25CA238", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "30E49457-D38D-4145-81F2-7FA4D463CD24", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "13C6540A-C5E4-46E5-BB7C-E4C53904AE68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "D952C1D5-581F-4ADC-8DB5-3682DC8588CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "F3183B56-D5BB-4010-B2EE-3427D796D2A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*", matchCriteriaId: "98B6DF59-DF1E-4D9C-B574-37DC398B16AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*", matchCriteriaId: "931E4D81-FAF0-4BFF-92E0-D5F653C5E845", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "6982CB5F-4448-48D4-BD3A-782874AB2304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "B14E3D1D-B614-458D-8F78-E25CC89B311E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "81818501-4F4A-4CED-895D-84D6DC139811", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "68606D69-C913-492A-A00E-3D899AB42595", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "9D292D7D-1E22-440F-B30C-3C580AFE91C9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "C89B4E6B-B742-4BCA-9547-B1C6059C6671", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*", matchCriteriaId: "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDFAF1C-E386-4F35-8A81-492713F10A92", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*", matchCriteriaId: "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*", matchCriteriaId: "F105271A-9DC1-42CE-9D19-E4A55BE1F04E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*", matchCriteriaId: "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Un desbordamiento de pila en el firmware BMC para algunos Intel® Server Boards, Server Systems and Compute Modules versiones anteriores a 2.47, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local", }, ], id: "CVE-2020-12375", lastModified: "2024-11-21T04:59:36.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-17T14:15:15.747", references: [ { source: "secure@intel.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-11 16:15
Modified
2025-02-05 16:15
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | s2600wf_firmware | * | |
| intel | s2600wf | - | |
| intel | r1000wf_firmware | * | |
| intel | r1000wf | - | |
| intel | r2000wf_firmware | * | |
| intel | r2000wf | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s2600wf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0E3FE8CE-4C6E-46C1-B170-417F750796D8", versionEndIncluding: "02.01.0014", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s2600wf:-:*:*:*:*:*:*:*", matchCriteriaId: "27BE1FB4-58DA-4BE1-A3E8-6EE00C88AE46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1000wf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC9EE973-A792-479A-B63F-E3F97B8990DE", versionEndIncluding: "02.01.0014", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r2000wf_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7AFE5E3-2121-48CD-B654-38CE5BF2E09C", versionEndIncluding: "02.01.0014", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r2000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "6A81AAF3-6D8B-4758-A6C5-99E6B29A1760", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.", }, { lang: "es", value: "La validación de entrada incorrecta en el firmware para algunas familias de Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF e Intel(R) Server System R2000WF anteriores a la versión R02.01.0014 puede permitir que un usuario privilegiado habilite potencialmente una escalada de privilegios a través del acceso local.", }, ], id: "CVE-2022-30542", lastModified: "2025-02-05T16:15:33.117", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "secure@intel.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-11T16:15:14.613", references: [ { source: "secure@intel.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-17 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | bmc_firmware | * | |
| intel | hns2600bpb | - | |
| intel | hns2600bpb24 | - | |
| intel | hns2600bpb24r | - | |
| intel | hns2600bpblc | - | |
| intel | hns2600bpblc24 | - | |
| intel | hns2600bpblc24r | - | |
| intel | hns2600bpbr | - | |
| intel | hns2600bpq | - | |
| intel | hns2600bpq24 | - | |
| intel | hns2600bpq24r | - | |
| intel | hns2600bpqr | - | |
| intel | hns2600bps | - | |
| intel | hns2600bps24 | - | |
| intel | hns2600bps24r | - | |
| intel | hns2600bpsr | - | |
| intel | r1000wf | - | |
| intel | r1208wfqysr | - | |
| intel | r1208wftys | - | |
| intel | r1208wftysr | - | |
| intel | r1304wf0ys | - | |
| intel | r1304wf0ysr | - | |
| intel | r1304wftys | - | |
| intel | r1304wftysr | - | |
| intel | r2208wf0zs | - | |
| intel | r2208wf0zsr | - | |
| intel | r2208wfqzs | - | |
| intel | r2208wfqzsr | - | |
| intel | r2208wftzs | - | |
| intel | r2208wftzsr | - | |
| intel | r2224wfqzs | - | |
| intel | r2224wftzs | - | |
| intel | r2224wftzsr | - | |
| intel | r2308wftzs | - | |
| intel | r2308wftzsr | - | |
| intel | r2312wf0np | - | |
| intel | r2312wf0npr | - | |
| intel | r2312wfqzs | - | |
| intel | r2312wftzs | - | |
| intel | r2312wftzsr | - | |
| intel | s2600bpbr | - | |
| intel | s2600bpqr | - | |
| intel | s2600bpsr | - | |
| intel | s2600stb | - | |
| intel | s2600stq | - | |
| intel | s2600wf0 | - | |
| intel | s2600wfq | - | |
| intel | s2600wft | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CF9AD6-8F14-40FC-8657-8BC57B595ED2", versionEndExcluding: "2.47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*", matchCriteriaId: "7F002684-C456-40F0-AA2A-97C79AE5EECA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*", matchCriteriaId: "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*", matchCriteriaId: "796E437A-B972-4D30-B0A4-53366693C7DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC284-540E-492A-A0E6-A193DEAD3102", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*", matchCriteriaId: "5CC9E77D-DDB7-41AB-8728-9782336C167B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*", matchCriteriaId: "24786B0E-36AC-4DBD-8778-DC836CF81CB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*", matchCriteriaId: "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*", matchCriteriaId: "0431FDBE-4A58-40B1-B635-225E5B9EDBBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EADDC0-0AAE-4445-9764-1C54E3898FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*", matchCriteriaId: "E09B1290-FAD0-4869-A1FA-A4D12BB602CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*", matchCriteriaId: "86739A74-AE8B-4699-8C1B-AC5D30C4FA50", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "CD891C11-B432-4B87-96BE-7C8BFA76E801", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1000wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9D5E07CC-3948-4664-AE8E-0517D9D66211", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*", matchCriteriaId: "85763067-E9E5-4418-A51F-FF3DD3710F9B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DD69C7-9E7C-4569-9971-A06F77028BB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "3506908A-8081-4ADA-A986-E02415956AB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*", matchCriteriaId: "0DEF6206-E94C-4C16-8D91-AD776D62F79F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*", matchCriteriaId: "0A47AC30-315C-4E4B-BBBB-305FA5131281", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*", matchCriteriaId: "48054F35-53C1-4480-86E2-CB8260DD84B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*", matchCriteriaId: "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*", matchCriteriaId: "8029A5F9-E999-4BA9-AA77-14A73B83454E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "3B83196F-06BD-41D6-A6B8-C7ABD25CA238", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "30E49457-D38D-4145-81F2-7FA4D463CD24", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "13C6540A-C5E4-46E5-BB7C-E4C53904AE68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "D952C1D5-581F-4ADC-8DB5-3682DC8588CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "F3183B56-D5BB-4010-B2EE-3427D796D2A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*", matchCriteriaId: "98B6DF59-DF1E-4D9C-B574-37DC398B16AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*", matchCriteriaId: "931E4D81-FAF0-4BFF-92E0-D5F653C5E845", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*", matchCriteriaId: "6982CB5F-4448-48D4-BD3A-782874AB2304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*", matchCriteriaId: "B14E3D1D-B614-458D-8F78-E25CC89B311E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*", matchCriteriaId: "81818501-4F4A-4CED-895D-84D6DC139811", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*", matchCriteriaId: "68606D69-C913-492A-A00E-3D899AB42595", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*", matchCriteriaId: "9D292D7D-1E22-440F-B30C-3C580AFE91C9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*", matchCriteriaId: "C89B4E6B-B742-4BCA-9547-B1C6059C6671", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*", matchCriteriaId: "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*", matchCriteriaId: "6DDFAF1C-E386-4F35-8A81-492713F10A92", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*", matchCriteriaId: "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*", matchCriteriaId: "F105271A-9DC1-42CE-9D19-E4A55BE1F04E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*", matchCriteriaId: "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.", }, { lang: "es", value: "La derivación de punteros caducados en algunos controladores gráficos de Intel(R) anteriores a la versión 26.20.100.8141 puede permitir a un usuario con privilegios habilitar potencialmente una denegación de servicio mediante acceso local.", }, ], id: "CVE-2020-12373", lastModified: "2024-11-21T04:59:36.083", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-17T14:15:15.700", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2020-12376
Vulnerability from cvelistv5
Published
2021-02-17 13:56
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.47 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:51.809Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Server Boards, Server Systems and Compute Modules", vendor: "n/a", versions: [ { status: "affected", version: "before version 2.47", }, ], }, ], descriptions: [ { lang: "en", value: "Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.", }, ], problemTypes: [ { descriptions: [ { description: "information disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-17T13:56:08", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-12376", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Server Boards, Server Systems and Compute Modules", version: { version_data: [ { version_value: "before version 2.47", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-12376", datePublished: "2021-02-17T13:56:08", dateReserved: "2020-04-28T00:00:00", dateUpdated: "2024-08-04T11:56:51.809Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30542
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:26
Severity ?
EPSS score ?
Summary
Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families |
Version: before version R02.01.0014 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:48:36.421Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", tags: [ "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-30542", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-29T20:40:47.572106Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-05T15:26:46.640Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families", vendor: "n/a", versions: [ { status: "affected", version: "before version R02.01.0014", }, ], }, ], descriptions: [ { lang: "en", value: "Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-14T17:46:25.524Z", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html", }, ], }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2022-30542", datePublished: "2022-11-11T15:48:55.893Z", dateReserved: "2022-06-09T05:41:11.417Z", dateUpdated: "2025-02-05T15:26:46.640Z", requesterUserId: "18e72eb2-8568-4e08-88e2-81b49c53dae3", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12373
Vulnerability from cvelistv5
Published
2021-02-17 13:54
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Graphics Drivers |
Version: before version 26.20.100.8141 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:51.773Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Graphics Drivers", vendor: "n/a", versions: [ { status: "affected", version: "before version 26.20.100.8141", }, ], }, ], descriptions: [ { lang: "en", value: "Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.", }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T15:21:10", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-12373", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Graphics Drivers", version: { version_data: [ { version_value: "before version 26.20.100.8141", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-12373", datePublished: "2021-02-17T13:54:04", dateReserved: "2020-04-28T00:00:00", dateUpdated: "2024-08-04T11:56:51.773Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12377
Vulnerability from cvelistv5
Published
2021-02-17 13:55
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.47 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:51.330Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Server Boards, Server Systems and Compute Modules", vendor: "n/a", versions: [ { status: "affected", version: "before version 2.47", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-17T13:55:37", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-12377", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Server Boards, Server Systems and Compute Modules", version: { version_data: [ { version_value: "before version 2.47", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "escalation of privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-12377", datePublished: "2021-02-17T13:55:37", dateReserved: "2020-04-28T00:00:00", dateUpdated: "2024-08-04T11:56:51.330Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12375
Vulnerability from cvelistv5
Published
2021-02-17 13:56
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.47 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:51.788Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Server Boards, Server Systems and Compute Modules", vendor: "n/a", versions: [ { status: "affected", version: "before version 2.47", }, ], }, ], descriptions: [ { lang: "en", value: "Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-17T13:56:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-12375", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Server Boards, Server Systems and Compute Modules", version: { version_data: [ { version_value: "before version 2.47", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "escalation of privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-12375", datePublished: "2021-02-17T13:56:01", dateReserved: "2020-04-28T00:00:00", dateUpdated: "2024-08-04T11:56:51.788Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12380
Vulnerability from cvelistv5
Published
2021-02-17 13:55
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.47 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:52.041Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Server Boards, Server Systems and Compute Modules", vendor: "n/a", versions: [ { status: "affected", version: "before version 2.47", }, ], }, ], descriptions: [ { lang: "en", value: "Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-17T13:55:53", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-12380", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Server Boards, Server Systems and Compute Modules", version: { version_data: [ { version_value: "before version 2.47", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "escalation of privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-12380", datePublished: "2021-02-17T13:55:53", dateReserved: "2020-04-28T00:00:00", dateUpdated: "2024-08-04T11:56:52.041Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12374
Vulnerability from cvelistv5
Published
2021-02-19 15:17
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.47 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:56:51.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Server Boards, Server Systems and Compute Modules", vendor: "n/a", versions: [ { status: "affected", version: "before version 2.47", }, ], }, ], descriptions: [ { lang: "en", value: "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T15:17:24", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-12374", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Server Boards, Server Systems and Compute Modules", version: { version_data: [ { version_value: "before version 2.47", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "escalation of privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-12374", datePublished: "2021-02-19T15:17:24", dateReserved: "2020-04-28T00:00:00", dateUpdated: "2024-08-04T11:56:51.655Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }