CVE-2019-11168

EPSS 1.03%
Veröffentlicht 14.11.2019 17:15:13
Zuletzt bearbeitet 21.11.2024 04:20:39
Quelle secure@intel.com
Teams Watchlist Login
Unerledigt Login

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Intel ≫ Baseboard Management Controller Firmware Version < 2.18

   Intel ≫ Bbs2600bpb Version-
   Intel ≫ Bbs2600bpbr Version-
   Intel ≫ Bbs2600bpq Version-
   Intel ≫ Bbs2600bpqr Version-
   Intel ≫ Bbs2600bps Version-
   Intel ≫ Bbs2600bpsr Version-
   Intel ≫ Bbs2600stb Version-
   Intel ≫ Bbs2600stbr Version-
   Intel ≫ Bbs2600stq Version-
   Intel ≫ Bbs2600stqr Version-
   Intel ≫ Hns2600bpb Version-
   Intel ≫ Hns2600bpb24 Version-
   Intel ≫ Hns2600bpb24r Version-
   Intel ≫ Hns2600bpb24rx Version-
   Intel ≫ Hns2600bpblc Version-
   Intel ≫ Hns2600bpblc24 Version-
   Intel ≫ Hns2600bpblc24r Version-
   Intel ≫ Hns2600bpblcr Version-
   Intel ≫ Hns2600bpbr Version-
   Intel ≫ Hns2600bpbrx Version-
   Intel ≫ Hns2600bpq Version-
   Intel ≫ Hns2600bpq24 Version-
   Intel ≫ Hns2600bpq24r Version-
   Intel ≫ Hns2600bpqr Version-
   Intel ≫ Hns2600bps Version-
   Intel ≫ Hns2600bps24 Version-
   Intel ≫ Hns2600bps24r Version-
   Intel ≫ Hns2600bpsr Version-
   Intel ≫ Hpchns2600bpbr Version-
   Intel ≫ Hpchns2600bpqr Version-
   Intel ≫ Hpchns2600bpsr Version-
   Intel ≫ Hpcr1208wfqysr Version-
   Intel ≫ Hpcr1208wftysr Version-
   Intel ≫ Hpcr1304wf0ysr Version-
   Intel ≫ Hpcr1304wftysr Version-
   Intel ≫ Hpcr2208wf0zsr Version-
   Intel ≫ Hpcr2208wfqzsr Version-
   Intel ≫ Hpcr2208wftzsr Version-
   Intel ≫ Hpcr2208wftzsrx Version-
   Intel ≫ Hpcr2224wftzsr Version-
   Intel ≫ Hpcr2308wftzsr Version-
   Intel ≫ Hpcr2312wf0npr Version-
   Intel ≫ Hpcr2312wftzsr Version-
   Intel ≫ R1208wfqysr Version-
   Intel ≫ R1208wftys Version-
   Intel ≫ R1208wftysr Version-
   Intel ≫ R1304wf0ys Version-
   Intel ≫ R1304wf0ysr Version-
   Intel ≫ R1304wftys Version-
   Intel ≫ R1304wftysr Version-
   Intel ≫ R2208wf0zs Version-
   Intel ≫ R2208wf0zsr Version-
   Intel ≫ R2208wfqzs Version-
   Intel ≫ R2208wfqzsr Version-
   Intel ≫ R2208wftzs Version-
   Intel ≫ R2208wftzsr Version-
   Intel ≫ R2208wftzsrx Version-
   Intel ≫ R2224wfqzs Version-
   Intel ≫ R2224wftzs Version-
   Intel ≫ R2224wftzsr Version-
   Intel ≫ R2308wftzs Version-
   Intel ≫ R2308wftzsr Version-
   Intel ≫ R2312wf0np Version-
   Intel ≫ R2312wf0npr Version-
   Intel ≫ R2312wfqzs Version-
   Intel ≫ R2312wftzs Version-
   Intel ≫ R2312wftzsr Version-
   Intel ≫ S2600stb Version-
   Intel ≫ S2600stbr Version-
   Intel ≫ S2600stq Version-
   Intel ≫ S2600stqr Version-
   Intel ≫ S2600wf0 Version-
   Intel ≫ S2600wf0r Version-
   Intel ≫ S2600wfq Version-
   Intel ≫ S2600wfqr Version-
   Intel ≫ S2600wft Version-
   Intel ≫ S2600wftr Version-
   Intel ≫ S9232wk1hlc Version-
   Intel ≫ S9232wk2hac Version-
   Intel ≫ S9232wk2hlc Version-
   Intel ≫ S9248wk1hlc Version-
   Intel ≫ S9248wk2hac Version-
   Intel ≫ S9248wk2hlc Version-
   Intel ≫ S9256wk1hlc Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.03%	0.753

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:N/A:P

https://support.f5.com/csp/article/K64346530?utm_source=f5support&amp%3Butm_medium=RSS

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-11168

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-11168

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-11168

EUVD