7.8

CVE-2020-0586

Improper initialization in subsystem for Intel(R) SPS versions before SPS_E3_04.01.04.109.0 and SPS_E3_04.08.04.070.0 may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IntelServer Platform Services Version >= sps_e3_04.00.00.000.0 < sps_e3_04.01.04.109.0
IntelServer Platform Services Version >= sps_e3_04.08.00.000.0 < sps_e3_04.08.04.070.0
IntelServer Platform Services Version >= sps_e5_04.00.00.000.0 < sps_e5_04.01.04.380.0
IntelServer Platform Services Version >= sps_soc-a_04.00.00.000.0 < sps_soc-a_04.00.04.211.0
IntelServer Platform Services Version >= sps_soc-x_04.00.00.000.0 < sps_soc-x_04.00.04.128.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.272
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

https://support.lenovo.com/de/en/product_security/len-30041
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
Vendor Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10321
https://security.netapp.com/advisory/ntap-20200611-0004/