FKIE_CVE-2023-31189
Vulnerability from fkie_nvd - Published: 2024-02-14 14:15 - Updated: 2026-01-14 18:29
Severity ?
5.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:openbmc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38AEA92C-5EC0-4BF9-BEA1-1B55EE1BE717",
"versionEndExcluding": "egs-1.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3408u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09E7DE0D-42DB-4F10-930B-A0129CC27CAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5403n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "562820DC-1CB4-4063-ACF0-00FE0A9B2E75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5411n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDBC632-F76D-4E3A-9A0E-8BE1DB5A0DDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5412u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316A237D-7975-453E-B92C-896F6364E2F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5415\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE27B5E7-7F00-4A27-B2C5-E66DE71AEF08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5416s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C14795D9-BC55-417A-8D90-661AA6D1391A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5418n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9951E153-870C-4DC3-BFFB-4B870DA63AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5418y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E65EAAF-AD3E-4466-99F1-972CFB59D077",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5420\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBB4E2C-DFCE-4B95-9817-A2E0C4A8997F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5423n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A09287-D982-4AE6-B82E-BB772F384A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5433n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "151E7C53-F9DA-47DD-828A-34A0740F5EF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6403n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DD9CF9-6A89-4538-B95B-6464914430DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6414u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05CF326D-3CE1-4270-B8E7-CE9A2A2A4409",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6416h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D24053A-FFD8-4BD8-8676-7CC117A4185F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6418h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94721676-CD1A-4056-BEBF-1523C3CE2A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6421n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4C7008-1E66-4FBD-A197-DFDF4C38FFE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6423n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76A41E6F-3874-4137-B80F-E6C0A839BCCC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6426y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4286B9B8-B329-4342-A8C3-AC9A85B6478F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6428n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "975E43D4-B152-44A3-A64A-C9FCC37240B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB6EA88D-45EB-419A-8ED0-4B32A1846DD6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6433n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "003A0C42-8D2E-462F-9709-2A8C26D98247",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6433ne:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F1C3A-64B1-44A8-97BD-8E915FB84B9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6434:-:*:*:*:*:*:*:*",
"matchCriteriaId": "204B416D-B75B-4A44-8D37-8C6B84B77EF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6434h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8AEBC9-4A10-4D1F-B267-C9549521DDC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6438m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D150604-EF92-464A-9DA9-8F07DEA7EA7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6438n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "025106B8-53E0-485E-9009-0DA23D65F556",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6438y\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20643FF8-CC86-4B1F-A230-BF634E676F0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6442y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CC5990-41FB-49A8-81C9-6A94A17FCBBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6443n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "337887FE-6938-4AB8-AE5A-10CAEFC7C350",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6444y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60E9D7F4-5854-4900-BECD-0E55504719AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6448h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EC68B2-902A-400D-B473-6C01733C71CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6448y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63140392-AA9E-43C1-8594-42E8B41C33CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6454s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC71C847-8E80-4D85-823F-4567AF62D841",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6458q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71CFAFD6-4111-48FD-8DB1-81CB64F2958C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8444h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC500965-35C1-4747-818C-44E4D8FA2CD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8450h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A79B597-104B-4869-8FD2-DC64876E746A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8452y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C528F941-F391-4B0F-85EA-71A1E039F3EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8454h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9A4BED-EFBA-4565-AF8D-ECBDF5934E2C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8458p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED46098F-38C6-48CF-8BED-41423A6A4531",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8460h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD8A966-382A-4737-B56F-59D68831B501",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8460y\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCC2770-7DAE-41E9-A28F-FA742108174E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8461v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE9690A-18D5-421A-B9B1-FD3FD6F5BB6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8462y\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "336A6519-66D9-4F2A-9597-39BAD742129E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8468:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F65118-E8A7-44F1-A882-8B5E9C7E3C72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8468h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0004ECE3-BECD-4E60-BE35-23DDAD1758FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8468v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB861F62-6FA8-498A-B882-6E30814C15DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD61523A-0CF0-4416-AC53-26F0415FA462",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8470n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3448FA-4298-45EE-BA58-3202C5851540",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8471n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "569AE756-7CEC-44D7-9D4C-F1AE534F58DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8480\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCDFD394-1E5A-44AF-AB7F-610FBE69102A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8490h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73363441-FC21-4183-89CE-5F52BE8EAEBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4410t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3B836B-2636-4015-9F64-6272E888A133",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4410y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16968277-3B4A-4B98-944A-4FFA6FAA7FAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "La autenticaci\u00f3n incorrecta en algunos firmware OpenBMC de productos de servidor Intel(R) anteriores a la versi\u00f3n egs-1.09 puede permitir que un usuario autenticado habilite la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-31189",
"lastModified": "2026-01-14T18:29:39.013",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 2.7,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-14T14:15:50.310",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "secure@intel.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…