Lucene search

F5F5:K43877335

HistoryNov 26, 2020 - 12:00 a.m.

K43877335 : Intel software vulnerabilities CVE-2020-8751, CVE-2020-8755, CVE-2020-8761, CVE-2020-12303

2020-11-2600:00:00

my.f5.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.8%

JSON

Security Advisory Description

CVE-2020-8751

Insufficient control flow management in subsystem for Intel® CSME versions before 11.8.80, Intel® TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2020-8755

Race condition in subsystem for Intel® CSME versions before 12.0.70 and 14.0.45, Intel® SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVE-2020-8761

Inadequate encryption strength in subsystem for Intel® CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2020-12303

Use after free in DAL subsystem for Intel® CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel® TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

Impact

There is no impact; F5 products are not affected by this vulnerability.

CPENameOperatorVersion
f5 ssl orchestratoreq14.1.0
f5 ssl orchestratoreq15.1.0
f5 ssl orchestratoreq15.1.1
f5 ssl orchestratoreq16.0.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2
big-ip afmeq11.6.3
big-ip afmeq11.6.4
big-ip afmeq11.6.5
big-ip afmeq12.1.0

Name	Operator	Version
f5 ssl orchestrator	eq	14.1.0
f5 ssl orchestrator	eq	15.1.0
f5 ssl orchestrator	eq	15.1.1
f5 ssl orchestrator	eq	16.0.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2
big-ip afm	eq	11.6.3
big-ip afm	eq	11.6.4
big-ip afm	eq	11.6.5
big-ip afm	eq	12.1.0

Rows per page:

1-10 of 2001