Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIntelCVE-2022-35729
HistoryFeb 16, 2023 - 9:15 p.m.

CVE-2022-35729

2023-02-1621:15:13
CWE-125
intel
web.nvd.nist.gov
20
cve-2022-35729
firmware vulnerability
openbmc
denial of service
intel platform
nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

29.9%

JSON

Out of bounds read in firmware for OpenBMC in some Intel® platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.

Affected configurations

Nvd
Vulners
Node
openbmc-projectopenbmcRange<0.72
AND
intelc621aMatch-
OR
intelc624aMatch-
OR
intelc627aMatch-
OR
intelc629aMatch-
OR
intelxeon_gold_5315yMatch-
OR
intelxeon_gold_5317Match-
OR
intelxeon_gold_5318hMatch-
OR
intelxeon_gold_5318nMatch-
OR
intelxeon_gold_5318sMatch-
OR
intelxeon_gold_5318yMatch-
OR
intelxeon_gold_5320Match-
OR
intelxeon_gold_5320hMatch-
OR
intelxeon_gold_5320tMatch-
OR
intelxeon_gold_6312uMatch-
OR
intelxeon_gold_6314uMatch-
OR
intelxeon_gold_6326Match-
OR
intelxeon_gold_6328hMatch-
OR
intelxeon_gold_6328hlMatch-
OR
intelxeon_gold_6330Match-
OR
intelxeon_gold_6330hMatch-
OR
intelxeon_gold_6330nMatch-
OR
intelxeon_gold_6334Match-
OR
intelxeon_gold_6336yMatch-
OR
intelxeon_gold_6338Match-
OR
intelxeon_gold_6338nMatch-
OR
intelxeon_gold_6338tMatch-
OR
intelxeon_gold_6342Match-
OR
intelxeon_gold_6346Match-
OR
intelxeon_gold_6348Match-
OR
intelxeon_gold_6348hMatch-
OR
intelxeon_gold_6354Match-
OR
intelxeon_platinum_8351nMatch-
OR
intelxeon_platinum_8352mMatch-
OR
intelxeon_platinum_8352sMatch-
OR
intelxeon_platinum_8352vMatch-
OR
intelxeon_platinum_8352yMatch-
OR
intelxeon_platinum_8353hMatch-
OR
intelxeon_platinum_8354hMatch-
OR
intelxeon_platinum_8356hMatch-
OR
intelxeon_platinum_8358Match-
OR
intelxeon_platinum_8358pMatch-
OR
intelxeon_platinum_8360hMatch-
OR
intelxeon_platinum_8360hlMatch-
OR
intelxeon_platinum_8360yMatch-
OR
intelxeon_platinum_8362Match-
OR
intelxeon_platinum_8368Match-
OR
intelxeon_platinum_8368qMatch-
OR
intelxeon_platinum_8376hMatch-
OR
intelxeon_platinum_8376hlMatch-
OR
intelxeon_platinum_8380Match-
OR
intelxeon_platinum_8380hMatch-
OR
intelxeon_platinum_8380hlMatch-
OR
intelxeon_silver_4309yMatch-
OR
intelxeon_silver_4310Match-
OR
intelxeon_silver_4310tMatch-
OR
intelxeon_silver_4314Match-
OR
intelxeon_silver_4316Match-
VendorProductVersionCPE
openbmc-projectopenbmc*cpe:2.3:a:openbmc-project:openbmc:*:*:*:*:*:*:*:*
intelc621a-cpe:2.3:h:intel:c621a:-:*:*:*:*:*:*:*
intelc624a-cpe:2.3:h:intel:c624a:-:*:*:*:*:*:*:*
intelc627a-cpe:2.3:h:intel:c627a:-:*:*:*:*:*:*:*
intelc629a-cpe:2.3:h:intel:c629a:-:*:*:*:*:*:*:*
intelxeon_gold_5315y-cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*
intelxeon_gold_5317-cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*
intelxeon_gold_5318h-cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*
intelxeon_gold_5318n-cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*
intelxeon_gold_5318s-cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 581

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "OpenBMC",
    "versions": [
      {
        "version": "before version 0.72",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Related

nvd 1
cvelist 1
prion 1
intel 1
f5 1
nvd
nvd
CVE-2022-35729
2023-02-16 21:15:13
cvelist
cvelist
CVE-2022-35729
2023-02-16 20:00:21
prion
prion
Authorization
2023-02-16 21:15:00
intel
intel
Integrated BMC and OpenBMC Firmware Advisory
2023-02-14 00:00:00
f5
f5
K000133512 : Intel platform vulnerabilities (INTEL-SA-00737) CVE-2021-39295, CVE-2021-39296, CVE-2022-29493, CVE-2022-29494, and CVE-2022-35729
2023-04-14 00:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

29.9%

JSON
Related for CVE-2022-35729
nvd1cvelist1prion1intel1f51