FKIE_CVE-2023-32280

Vulnerability from fkie_nvd - Published: 2024-02-14 14:15 - Updated: 2026-01-14 18:26
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access.
References
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.htmlVendor Advisory
Impacted products
Vendor Product Version
intel openbmc *
intel xeon_bronze_3408u -
intel xeon_gold_5403n -
intel xeon_gold_5411n -
intel xeon_gold_5412u -
intel xeon_gold_5415\+ -
intel xeon_gold_5416s -
intel xeon_gold_5418n -
intel xeon_gold_5418y -
intel xeon_gold_5420\+ -
intel xeon_gold_5423n -
intel xeon_gold_5433n -
intel xeon_gold_6403n -
intel xeon_gold_6414u -
intel xeon_gold_6416h -
intel xeon_gold_6418h -
intel xeon_gold_6421n -
intel xeon_gold_6423n -
intel xeon_gold_6426y -
intel xeon_gold_6428n -
intel xeon_gold_6430 -
intel xeon_gold_6433n -
intel xeon_gold_6433ne -
intel xeon_gold_6434 -
intel xeon_gold_6434h -
intel xeon_gold_6438m -
intel xeon_gold_6438n -
intel xeon_gold_6438y\+ -
intel xeon_gold_6442y -
intel xeon_gold_6443n -
intel xeon_gold_6444y -
intel xeon_gold_6448h -
intel xeon_gold_6448y -
intel xeon_gold_6454s -
intel xeon_gold_6458q -
intel xeon_platinum_8444h -
intel xeon_platinum_8450h -
intel xeon_platinum_8452y -
intel xeon_platinum_8454h -
intel xeon_platinum_8458p -
intel xeon_platinum_8460h -
intel xeon_platinum_8460y\+ -
intel xeon_platinum_8461v -
intel xeon_platinum_8462y\+ -
intel xeon_platinum_8468 -
intel xeon_platinum_8468h -
intel xeon_platinum_8468v -
intel xeon_platinum_8470 -
intel xeon_platinum_8470n -
intel xeon_platinum_8471n -
intel xeon_platinum_8480\+ -
intel xeon_platinum_8490h -
intel xeon_silver_4410t -
intel xeon_silver_4410y -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:openbmc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87E51DF-77BB-4CF2-A978-057D2C066CD1",
              "versionEndExcluding": "egs-1.05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xeon_bronze_3408u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E7DE0D-42DB-4F10-930B-A0129CC27CAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5403n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "562820DC-1CB4-4063-ACF0-00FE0A9B2E75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5411n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDBC632-F76D-4E3A-9A0E-8BE1DB5A0DDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "316A237D-7975-453E-B92C-896F6364E2F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5415\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE27B5E7-7F00-4A27-B2C5-E66DE71AEF08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5416s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14795D9-BC55-417A-8D90-661AA6D1391A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5418n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9951E153-870C-4DC3-BFFB-4B870DA63AC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5418y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E65EAAF-AD3E-4466-99F1-972CFB59D077",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5420\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBB4E2C-DFCE-4B95-9817-A2E0C4A8997F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5423n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A09287-D982-4AE6-B82E-BB772F384A84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5433n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "151E7C53-F9DA-47DD-828A-34A0740F5EF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6403n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8DD9CF9-6A89-4538-B95B-6464914430DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6414u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05CF326D-3CE1-4270-B8E7-CE9A2A2A4409",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6416h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D24053A-FFD8-4BD8-8676-7CC117A4185F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6418h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94721676-CD1A-4056-BEBF-1523C3CE2A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6421n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4C7008-1E66-4FBD-A197-DFDF4C38FFE3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6423n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76A41E6F-3874-4137-B80F-E6C0A839BCCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6426y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4286B9B8-B329-4342-A8C3-AC9A85B6478F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6428n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "975E43D4-B152-44A3-A64A-C9FCC37240B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB6EA88D-45EB-419A-8ED0-4B32A1846DD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6433n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "003A0C42-8D2E-462F-9709-2A8C26D98247",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6433ne:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF8F1C3A-64B1-44A8-97BD-8E915FB84B9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6434:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "204B416D-B75B-4A44-8D37-8C6B84B77EF3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6434h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8AEBC9-4A10-4D1F-B267-C9549521DDC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6438m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D150604-EF92-464A-9DA9-8F07DEA7EA7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6438n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "025106B8-53E0-485E-9009-0DA23D65F556",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6438y\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20643FF8-CC86-4B1F-A230-BF634E676F0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6442y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8CC5990-41FB-49A8-81C9-6A94A17FCBBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6443n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "337887FE-6938-4AB8-AE5A-10CAEFC7C350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6444y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60E9D7F4-5854-4900-BECD-0E55504719AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6448h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1EC68B2-902A-400D-B473-6C01733C71CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6448y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63140392-AA9E-43C1-8594-42E8B41C33CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6454s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC71C847-8E80-4D85-823F-4567AF62D841",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6458q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71CFAFD6-4111-48FD-8DB1-81CB64F2958C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8444h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC500965-35C1-4747-818C-44E4D8FA2CD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8450h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A79B597-104B-4869-8FD2-DC64876E746A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8452y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C528F941-F391-4B0F-85EA-71A1E039F3EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8454h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9A4BED-EFBA-4565-AF8D-ECBDF5934E2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8458p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED46098F-38C6-48CF-8BED-41423A6A4531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8460h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD8A966-382A-4737-B56F-59D68831B501",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8460y\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CCC2770-7DAE-41E9-A28F-FA742108174E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8461v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE9690A-18D5-421A-B9B1-FD3FD6F5BB6E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8462y\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "336A6519-66D9-4F2A-9597-39BAD742129E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8468:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F65118-E8A7-44F1-A882-8B5E9C7E3C72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8468h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0004ECE3-BECD-4E60-BE35-23DDAD1758FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8468v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB861F62-6FA8-498A-B882-6E30814C15DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8470:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD61523A-0CF0-4416-AC53-26F0415FA462",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8470n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC3448FA-4298-45EE-BA58-3202C5851540",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8471n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "569AE756-7CEC-44D7-9D4C-F1AE534F58DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8480\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCDFD394-1E5A-44AF-AB7F-610FBE69102A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8490h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73363441-FC21-4183-89CE-5F52BE8EAEBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_silver_4410t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3B836B-2636-4015-9F64-6272E888A133",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_silver_4410y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16968277-3B4A-4B98-944A-4FFA6FAA7FAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access."
    },
    {
      "lang": "es",
      "value": "Las credenciales insuficientemente protegidas en algunos firmware OpenBMC de productos de servidor Intel(R) anteriores a las versiones egs-1.05 pueden permitir que un usuario no autenticado habilite la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso a la red."
    }
  ],
  "id": "CVE-2023-32280",
  "lastModified": "2026-01-14T18:26:21.277",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "secure@intel.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-02-14T14:15:50.687",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-522"
        }
      ],
      "source": "secure@intel.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.