Search criteria
30 vulnerabilities found for server_system_d50tnp2mhstac_firmware by intel
FKIE_CVE-2023-28411
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:55
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"id": "CVE-2023-28411",
"lastModified": "2024-11-21T07:55:00.837",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 4.7,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:33.343",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-25776
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:50
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"id": "CVE-2023-25776",
"lastModified": "2024-11-21T07:50:10.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:32.490",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-25545
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:49
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"id": "CVE-2023-25545",
"lastModified": "2024-11-21T07:49:42.220",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:32.107",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-92"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-24475
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:47
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"id": "CVE-2023-24475",
"lastModified": "2024-11-21T07:47:56.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:31.273",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-25175
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:49
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"id": "CVE-2023-25175",
"lastModified": "2024-11-21T07:49:15.347",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:31.587",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22661
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:45
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"id": "CVE-2023-22661",
"lastModified": "2024-11-21T07:45:09.260",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:29.207",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22443
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:44
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access."
}
],
"id": "CVE-2023-22443",
"lastModified": "2024-11-21T07:44:48.817",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:28.600",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-680"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22442
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:44
Severity ?
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"id": "CVE-2023-22442",
"lastModified": "2024-11-21T07:44:48.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:28.187",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22379
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:44
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"id": "CVE-2023-22379",
"lastModified": "2024-11-21T07:44:39.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.7,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:27.557",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22297
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:44
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrlc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC5770-6109-4181-A2F9-35146DFD1FDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E07ECAC5-D17C-4602-9F2A-B7AE1DFF0818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcpac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7588C0-6232-4969-B94F-835D8DECE894",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcpac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB006675-7691-40AB-9563-86CF841B84C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhsvac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D969D7F5-58AD-4B54-9579-0EFC0C19EFDC",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhsvac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45DED88-F3FE-41C7-B97A-830EC2B1C757",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mhstac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2D40D8-D1D4-443F-8E0C-A787CC01B794",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mhstac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF40323A-00D7-4422-9E47-9B419BD761F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp1mhcrac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDE560-F58E-4620-90A7-6CAC4C00F9EB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp1mhcrac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6474F3CF-2D17-4CCD-8A5A-7C4EB84B9EB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_d50tnp2mfalac_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30221D4C-6BA7-4EC6-89FA-67F3BC68C237",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_d50tnp2mfalac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B9EAF1-8AF8-4A9F-A8C7-043F979C2C44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur204_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4826826-A129-4A64-AF27-5168A2FF1ED4",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A102CB0A-9D55-41C6-80E2-B596A0C94D03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp1ur212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73008132-69ED-46E7-8D6D-060DFDCC1A2D",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp1ur212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A3D489-D50E-4768-92A9-61949544224C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur312_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72061DFD-D850-4F75-A299-7E035E4E4416",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur312:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D91066F0-B4DA-450C-A0A3-F888959B2A10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:server_system_m50cyp2ur208_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1422D93E-6E61-45C3-BFCD-967AF06B5AAB",
"versionEndExcluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:server_system_m50cyp2ur208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33C4712C-CBFE-4CF3-996F-CB0922101093",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"id": "CVE-2023-22297",
"lastModified": "2024-11-21T07:44:28.717",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:26.607",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-788"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-22443 (GCVE-0-2023-22443)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access.
Severity ?
6 (Medium)
CWE
- denial of service
- CWE-680 - Integer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:08.347759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:05.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-680",
"description": "Integer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:08.741Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22443",
"datePublished": "2023-05-10T13:17:08.741Z",
"dateReserved": "2023-02-01T04:00:02.602Z",
"dateUpdated": "2025-01-27T18:02:05.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24475 (GCVE-0-2023-24475)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6 (Medium)
CWE
- information disclosure
- CWE-125 - Out-of-bounds read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:11.198233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:21.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-125",
"description": "Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:07.225Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-24475",
"datePublished": "2023-05-10T13:17:07.225Z",
"dateReserved": "2023-02-15T04:00:02.948Z",
"dateUpdated": "2025-01-27T18:02:21.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28411 (GCVE-0-2023-28411)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.3 (Medium)
CWE
- information disclosure
- CWE-415 - Double free
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:16.904215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:44.772Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-415",
"description": "Double free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:06.167Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-28411",
"datePublished": "2023-05-10T13:17:06.167Z",
"dateReserved": "2023-03-22T03:00:05.332Z",
"dateUpdated": "2025-01-27T18:02:44.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25175 (GCVE-0-2023-25175)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.1 (Medium)
CWE
- information disclosure
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:35.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:14.033198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:32.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:06.661Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-25175",
"datePublished": "2023-05-10T13:17:06.661Z",
"dateReserved": "2023-02-15T04:00:02.876Z",
"dateUpdated": "2025-01-27T18:02:32.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22379 (GCVE-0-2023-22379)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.7 (Medium)
CWE
- information disclosure
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:22.584952Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:07.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:05.067Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22379",
"datePublished": "2023-05-10T13:17:05.067Z",
"dateReserved": "2023-02-15T04:00:02.990Z",
"dateUpdated": "2025-01-27T18:03:07.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25776 (GCVE-0-2023-25776)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.3 (Medium)
CWE
- information disclosure
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:32:12.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:19.647845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:55.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:05.623Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-25776",
"datePublished": "2023-05-10T13:17:05.623Z",
"dateReserved": "2023-02-15T04:00:02.911Z",
"dateUpdated": "2025-01-27T18:02:55.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22442 (GCVE-0-2023-22442)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
7.9 (High)
CWE
- escalation of privilege
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:25.281309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:18.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:04.514Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22442",
"datePublished": "2023-05-10T13:17:04.514Z",
"dateReserved": "2023-02-01T04:00:02.805Z",
"dateUpdated": "2025-01-27T18:03:18.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25545 (GCVE-0-2023-25545)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- escalation of privilege
- CWE-92 - Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:34.667368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:29.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-92",
"description": "Improper buffer restrictions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:04.014Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-25545",
"datePublished": "2023-05-10T13:17:04.014Z",
"dateReserved": "2023-02-15T04:00:03.037Z",
"dateUpdated": "2025-01-27T18:03:29.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22297 (GCVE-0-2023-22297)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- escalation of privilege
- CWE-788 - Access of memory location after end of buffer
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:37.351458Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:42.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-788",
"description": "Access of memory location after end of buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:03.477Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22297",
"datePublished": "2023-05-10T13:17:03.477Z",
"dateReserved": "2023-02-15T04:00:03.017Z",
"dateUpdated": "2025-01-27T18:03:42.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22661 (GCVE-0-2023-22661)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- escalation of privilege
- CWE-120 - Buffer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:40.160374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:54.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-120",
"description": "Buffer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:02.969Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22661",
"datePublished": "2023-05-10T13:17:02.969Z",
"dateReserved": "2023-02-15T04:00:02.854Z",
"dateUpdated": "2025-01-27T18:03:54.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22443 (GCVE-0-2023-22443)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access.
Severity ?
6 (Medium)
CWE
- denial of service
- CWE-680 - Integer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:08.347759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:05.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-680",
"description": "Integer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:08.741Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22443",
"datePublished": "2023-05-10T13:17:08.741Z",
"dateReserved": "2023-02-01T04:00:02.602Z",
"dateUpdated": "2025-01-27T18:02:05.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24475 (GCVE-0-2023-24475)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6 (Medium)
CWE
- information disclosure
- CWE-125 - Out-of-bounds read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:11.198233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:21.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-125",
"description": "Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:07.225Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-24475",
"datePublished": "2023-05-10T13:17:07.225Z",
"dateReserved": "2023-02-15T04:00:02.948Z",
"dateUpdated": "2025-01-27T18:02:21.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28411 (GCVE-0-2023-28411)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.3 (Medium)
CWE
- information disclosure
- CWE-415 - Double free
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:16.904215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:44.772Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-415",
"description": "Double free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:06.167Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-28411",
"datePublished": "2023-05-10T13:17:06.167Z",
"dateReserved": "2023-03-22T03:00:05.332Z",
"dateUpdated": "2025-01-27T18:02:44.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25175 (GCVE-0-2023-25175)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.1 (Medium)
CWE
- information disclosure
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:35.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:14.033198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:32.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:06.661Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-25175",
"datePublished": "2023-05-10T13:17:06.661Z",
"dateReserved": "2023-02-15T04:00:02.876Z",
"dateUpdated": "2025-01-27T18:02:32.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22379 (GCVE-0-2023-22379)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.7 (Medium)
CWE
- information disclosure
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:22.584952Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:07.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:05.067Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22379",
"datePublished": "2023-05-10T13:17:05.067Z",
"dateReserved": "2023-02-15T04:00:02.990Z",
"dateUpdated": "2025-01-27T18:03:07.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25776 (GCVE-0-2023-25776)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:02
VLAI?
Summary
Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.
Severity ?
6.3 (Medium)
CWE
- information disclosure
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:32:12.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:19.647845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:55.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:05.623Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-25776",
"datePublished": "2023-05-10T13:17:05.623Z",
"dateReserved": "2023-02-15T04:00:02.911Z",
"dateUpdated": "2025-01-27T18:02:55.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22442 (GCVE-0-2023-22442)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
7.9 (High)
CWE
- escalation of privilege
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:26:25.281309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:18.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:04.514Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22442",
"datePublished": "2023-05-10T13:17:04.514Z",
"dateReserved": "2023-02-01T04:00:02.805Z",
"dateUpdated": "2025-01-27T18:03:18.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25545 (GCVE-0-2023-25545)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- escalation of privilege
- CWE-92 - Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:34.667368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:29.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-92",
"description": "Improper buffer restrictions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:04.014Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-25545",
"datePublished": "2023-05-10T13:17:04.014Z",
"dateReserved": "2023-02-15T04:00:03.037Z",
"dateUpdated": "2025-01-27T18:03:29.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22297 (GCVE-0-2023-22297)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- escalation of privilege
- CWE-788 - Access of memory location after end of buffer
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:37.351458Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:42.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-788",
"description": "Access of memory location after end of buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:03.477Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22297",
"datePublished": "2023-05-10T13:17:03.477Z",
"dateReserved": "2023-02-15T04:00:03.017Z",
"dateUpdated": "2025-01-27T18:03:42.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22661 (GCVE-0-2023-22661)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-27 18:03
VLAI?
Summary
Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- escalation of privilege
- CWE-120 - Buffer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board BMC firmware |
Affected:
before version 2.90
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:40.160374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:03:54.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board BMC firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.90"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-120",
"description": "Buffer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:02.969Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22661",
"datePublished": "2023-05-10T13:17:02.969Z",
"dateReserved": "2023-02-15T04:00:02.854Z",
"dateUpdated": "2025-01-27T18:03:54.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}