Lucene search

AMIVULNRICHMENT:CVE-2023-34469

HistorySep 12, 2023 - 3:21 p.m.

CVE-2023-34469 Cold Rest Vulnerabiltiy

2023-09-1215:21:11

CWE-284

AMI

github.com

cve-2023-34469

cold rest vulnerability

bios access control

physical network

confidentiality loss

CVSS3

4.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the physical network. A successful exploit of this vulnerability may lead to a loss of confidentiality.

References

9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023007.pdf

CVSS3

4.9

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-34469