Lucene search

IntelCVE-2019-11178

HistoryNov 14, 2019 - 5:15 p.m.

CVE-2019-11178

2019-11-1417:15:14

CWE-120

intel

web.nvd.nist.gov

cve-2019-11178

intel

baseboard management controller

firmware

stack overflow

authenticated user

information disclosure

denial of service

network access

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:N/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

34.0%

JSON

Stack overflow in Intel® Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access.

Affected configurations

Nvd

Node

intelbaseboard_management_controller_firmwareRange<2.18

AND

intelbbs2600bpbMatch-

intelbbs2600bpbrMatch-

intelbbs2600bpqMatch-

intelbbs2600bpqrMatch-

intelbbs2600bpsMatch-

intelbbs2600bpsrMatch-

intelbbs2600stbMatch-

intelbbs2600stbrMatch-

intelbbs2600stqMatch-

intelbbs2600stqrMatch-

intelhns2600bpbMatch-

intelhns2600bpb24Match-

intelhns2600bpb24rMatch-

intelhns2600bpb24rxMatch-

intelhns2600bpblcMatch-

intelhns2600bpblc24Match-

intelhns2600bpblc24rMatch-

intelhns2600bpblcrMatch-

intelhns2600bpbrMatch-

intelhns2600bpbrxMatch-

intelhns2600bpqMatch-

intelhns2600bpq24Match-

intelhns2600bpq24rMatch-

intelhns2600bpqrMatch-

intelhns2600bpsMatch-

intelhns2600bps24Match-

intelhns2600bps24rMatch-

intelhns2600bpsrMatch-

intelhpchns2600bpbrMatch-

intelhpchns2600bpqrMatch-

intelhpchns2600bpsrMatch-

intelhpcr1208wfqysrMatch-

intelhpcr1208wftysrMatch-

intelhpcr1304wf0ysrMatch-

intelhpcr1304wftysrMatch-

intelhpcr2208wf0zsrMatch-

intelhpcr2208wfqzsrMatch-

intelhpcr2208wftzsrMatch-

intelhpcr2208wftzsrxMatch-

intelhpcr2224wftzsrMatch-

intelhpcr2308wftzsrMatch-

intelhpcr2312wf0nprMatch-

intelhpcr2312wftzsrMatch-

intelr1208wfqysrMatch-

intelr1208wftysMatch-

intelr1208wftysrMatch-

intelr1304wf0ysMatch-

intelr1304wf0ysrMatch-

intelr1304wftysMatch-

intelr1304wftysrMatch-

intelr2208wf0zsMatch-

intelr2208wf0zsrMatch-

intelr2208wfqzsMatch-

intelr2208wfqzsrMatch-

intelr2208wftzsMatch-

intelr2208wftzsrMatch-

intelr2208wftzsrxMatch-

intelr2224wfqzsMatch-

intelr2224wftzsMatch-

intelr2224wftzsrMatch-

intelr2308wftzsMatch-

intelr2308wftzsrMatch-

intelr2312wf0npMatch-

intelr2312wf0nprMatch-

intelr2312wfqzsMatch-

intelr2312wftzsMatch-

intelr2312wftzsrMatch-

intels2600stbMatch-

intels2600stbrMatch-

intels2600stqMatch-

intels2600stqrMatch-

intels2600wf0Match-

intels2600wf0rMatch-

intels2600wfqMatch-

intels2600wfqrMatch-

intels2600wftMatch-

intels2600wftrMatch-

intels9232wk1hlcMatch-

intels9232wk2hacMatch-

intels9232wk2hlcMatch-

intels9248wk1hlcMatch-

intels9248wk2hacMatch-

intels9248wk2hlcMatch-

intels9256wk1hlcMatch-

VendorProductVersionCPE
intelbaseboard_management_controller_firmware*cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:*
intelbbs2600bpb-cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*
intelbbs2600bpbr-cpe:2.3:h:intel:bbs2600bpbr:-:*:*:*:*:*:*:*
intelbbs2600bpq-cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*
intelbbs2600bpqr-cpe:2.3:h:intel:bbs2600bpqr:-:*:*:*:*:*:*:*
intelbbs2600bps-cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*
intelbbs2600bpsr-cpe:2.3:h:intel:bbs2600bpsr:-:*:*:*:*:*:*:*
intelbbs2600stb-cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*
intelbbs2600stbr-cpe:2.3:h:intel:bbs2600stbr:-:*:*:*:*:*:*:*
intelbbs2600stq-cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	baseboard_management_controller_firmware	*	cpe:2.3:o:intel:baseboard_management_controller_firmware::::::::
intel	bbs2600bpb	-	cpe:2.3:h:intel:bbs2600bpb:-:::::::*
intel	bbs2600bpbr	-	cpe:2.3:h:intel:bbs2600bpbr:-:::::::*
intel	bbs2600bpq	-	cpe:2.3:h:intel:bbs2600bpq:-:::::::*
intel	bbs2600bpqr	-	cpe:2.3:h:intel:bbs2600bpqr:-:::::::*
intel	bbs2600bps	-	cpe:2.3:h:intel:bbs2600bps:-:::::::*
intel	bbs2600bpsr	-	cpe:2.3:h:intel:bbs2600bpsr:-:::::::*
intel	bbs2600stb	-	cpe:2.3:h:intel:bbs2600stb:-:::::::*
intel	bbs2600stbr	-	cpe:2.3:h:intel:bbs2600stbr:-:::::::*
intel	bbs2600stq	-	cpe:2.3:h:intel:bbs2600stq:-:::::::*

Rows per page:

1-10 of 851

CNA Affected

[
  {
    "product": "Intel(R) BMC",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "See provided reference"
      }
    ]
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:N/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

34.0%

JSON

Related for CVE-2019-11178