CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
12.6%
Insufficient session validation in Intel® Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access.
Vendor | Product | Version | CPE |
---|---|---|---|
intel | baseboard_management_controller_firmware | * | cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:* |
intel | bbs2600bpb | - | cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:* |
intel | bbs2600bpbr | - | cpe:2.3:h:intel:bbs2600bpbr:-:*:*:*:*:*:*:* |
intel | bbs2600bpq | - | cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:* |
intel | bbs2600bpqr | - | cpe:2.3:h:intel:bbs2600bpqr:-:*:*:*:*:*:*:* |
intel | bbs2600bps | - | cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:* |
intel | bbs2600bpsr | - | cpe:2.3:h:intel:bbs2600bpsr:-:*:*:*:*:*:*:* |
intel | bbs2600stb | - | cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:* |
intel | bbs2600stbr | - | cpe:2.3:h:intel:bbs2600stbr:-:*:*:*:*:*:*:* |
intel | bbs2600stq | - | cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
12.6%