8.2
CVE-2023-34431
- EPSS 0.06%
- Veröffentlicht 14.11.2023 19:15:28
- Zuletzt bearbeitet 21.11.2024 08:07:13
- Quelle secure@intel.com
- Teams Watchlist Login
- Unerledigt Login
Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Server Board M70klp2sb Firmware Version < 01.04.0022
Intel ≫ Server System M70klp4s2uhh Firmware Version < 01.04.0022
Intel ≫ Server Board M20ntp2sb Firmware Version < 0022.d02
Intel ≫ Server System M20ntp1ur304 Firmware Version < 0022.d02
Intel ≫ Server Board M10jnp2sb Firmware Version < 7.219
Intel ≫ Server Board S2600bpbr Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bps Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpsr Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpqr Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpb Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpq Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblcr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblc Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblc24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bps Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bps24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpbr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpqr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpsr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bps24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpq24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpb24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpb Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblc24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpq Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpq24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Liquid-cooled Hns2600bpbrct Firmware Version < 02.01.0015
Intel ≫ Server System Vrn2224bpaf6 Firmware Version < 02.01.0015
Intel ≫ Server System Vrn2224bphy6 Firmware Version < 02.01.0015
Intel ≫ Server System Mcb2208wfaf5 Firmware Version < 02.01.0015
Intel ≫ Server System Zsb2224bpaf2 Firmware Version < 02.01.0015
Intel ≫ Server System Zsb2224bphy1 Firmware Version < 02.01.0015
Intel ≫ Server System Zsb2224bpaf1 Firmware Version < 02.01.0015
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.177 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 8.2 | 1.5 | 6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.