Lucene search
IntelCVE-2022-29494HistoryFeb 16, 2023 - 9:15 p.m.
CVE-2022-29494
2023-02-1621:15:11
CWE-20
intel
web.nvd.nist.gov
24
cve-2022-29494
openbmc
firmware
intel platforms
input validation
denial of service
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
36.8%
Improper input validation in firmware for OpenBMC in some Intel® platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.
Affected configurations
Node
intelopenbmcRange<wht-1.01-61_0.72
intelc621aMatch-
ORintelc627aMatch-
ORintelc629aMatch-
ORintelxeon_gold_5315yMatch-
ORintelxeon_gold_5317Match-
ORintelxeon_gold_5318hMatch-
ORintelxeon_gold_5318nMatch-
ORintelxeon_gold_5318sMatch-
ORintelxeon_gold_5318yMatch-
ORintelxeon_gold_5320Match-
ORintelxeon_gold_5320hMatch-
ORintelxeon_gold_5320tMatch-
ORintelxeon_gold_6312uMatch-
ORintelxeon_gold_6314uMatch-
ORintelxeon_gold_6326Match-
ORintelxeon_gold_6328hMatch-
ORintelxeon_gold_6328hlMatch-
ORintelxeon_gold_6330Match-
ORintelxeon_gold_6330hMatch-
ORintelxeon_gold_6330nMatch-
ORintelxeon_gold_6334Match-
ORintelxeon_gold_6336yMatch-
ORintelxeon_gold_6338Match-
ORintelxeon_gold_6338nMatch-
ORintelxeon_gold_6338tMatch-
ORintelxeon_gold_6342Match-
ORintelxeon_gold_6346Match-
ORintelxeon_gold_6348Match-
ORintelxeon_gold_6348hMatch-
ORintelxeon_gold_6354Match-
ORintelxeon_platinum_8351nMatch-
ORintelxeon_platinum_8352mMatch-
ORintelxeon_platinum_8352sMatch-
ORintelxeon_platinum_8352vMatch-
ORintelxeon_platinum_8352yMatch-
ORintelxeon_platinum_8353hMatch-
ORintelxeon_platinum_8354hMatch-
ORintelxeon_platinum_8356hMatch-
ORintelxeon_platinum_8358Match-
ORintelxeon_platinum_8358pMatch-
ORintelxeon_platinum_8360hMatch-
ORintelxeon_platinum_8360hlMatch-
ORintelxeon_platinum_8360yMatch-
ORintelxeon_platinum_8362Match-
ORintelxeon_platinum_8368Match-
ORintelxeon_platinum_8368qMatch-
ORintelxeon_platinum_8376hMatch-
ORintelxeon_platinum_8376hlMatch-
ORintelxeon_platinum_8380Match-
ORintelxeon_platinum_8380hMatch-
ORintelxeon_platinum_8380hlMatch-
ORintelxeon_silver_4309yMatch-
ORintelxeon_silver_4310Match-
ORintelxeon_silver_4310tMatch-
ORintelxeon_silver_4314Match-
ORintelxeon_silver_4316Match-
Node
intelopenbmcRange<egs-0.91-179
intelc741Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | openbmc | * | cpe:2.3:o:intel:openbmc:*:*:*:*:*:*:*:* |
| intel | c621a | - | cpe:2.3:h:intel:c621a:-:*:*:*:*:*:*:* |
| intel | c627a | - | cpe:2.3:h:intel:c627a:-:*:*:*:*:*:*:* |
| intel | c629a | - | cpe:2.3:h:intel:c629a:-:*:*:*:*:*:*:* |
| intel | xeon_gold_5315y | - | cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:* |
| intel | xeon_gold_5317 | - | cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:* |
| intel | xeon_gold_5318h | - | cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:* |
| intel | xeon_gold_5318n | - | cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:* |
| intel | xeon_gold_5318s | - | cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:* |
| intel | xeon_gold_5318y | - | cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "OpenBMC",
"versions": [
{
"version": "before versions egs-0.91-179 and bhs-04-45",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Input validation
2023-02-16 21:15:00
cvelist
cvelist
CVE-2022-29494
2023-02-16 20:00:21
nvd
nvd
CVE-2022-29494
2023-02-16 21:15:11
intel
intel
Integrated BMC and OpenBMC Firmware Advisory
2023-02-14 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
36.8%
Related for CVE-2022-29494