Lucene search

IntelCVELIST:CVE-2023-30768

HistoryMay 12, 2023 - 2:01 p.m.

CVE-2023-30768

2023-05-1214:01:48

CWE-284

intel

www.cve.org

cve-2023-30768

intel server board

access control

bios

escalation of privilege

CVSS3

7.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

Improper access control in the Intel® Server Board S2600WTT belonging to the Intel® Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family",
    "versions": [
      {
        "version": "BIOS version 0016",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00056.html

CVSS3

7.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-30768