5.9
CVE-2018-3616
- EPSS 1.55%
- Published 12.09.2018 19:29:02
- Last modified 21.11.2024 04:05:46
- Source secure@intel.com
- Teams watchlist Login
- Open Login
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
Data is provided by the National Vulnerability Database (NVD)
Intel ≫ Converged Security Management Engine Firmware Version >= 11.0.0 < 12.0.5
Intel ≫ Active Management Technology Firmware Version < 12.0.5
Intel ≫ Manageability Engine Firmware Version >= 9.0.0.0 < 11.0
Siemens ≫ Simatic Field Pg M5 Firmware Version < 22.01.06
Siemens ≫ Simatic Ipc427e Firmware Version < 21.01.09
Siemens ≫ Simatic Ipc477e Firmware Version < 21.01.09
Siemens ≫ Simatic Ipc547e Firmware Version < r1.30.0
Siemens ≫ Simatic Pc547g Firmware Version < r1.23.0
Siemens ≫ Simatic Ipc627d Firmware Version < 19.02.11
Siemens ≫ Simatic Ipc647d Firmware Version < 19.01.14
Siemens ≫ Simatic Ipc677d Firmware Version < 19.02.11
Siemens ≫ Simatic Ipc827d Firmware Version < 19.02.11
Siemens ≫ Simatic Ipc847d Firmware Version < 19.01.14
Siemens ≫ Simatic Itp1000 Firmware Version < 23.01.04
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.55% | 0.806 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|