cvelistv5 - cve-2018-12171

CVE-2018-12171 (GCVE-0-2018-12171)

Vulnerability from cvelistv5 – Published: 2018-09-12 19:00 – Updated: 2024-09-16 20:02

Summary

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.

Severity ?

No CVSS data available.

CWE

Escalation of Privilege, Denial of Service

Assigner

intel

References

URL

Tags

https://www.intel.com/content/www/us/en/security-…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Intel(R) Baseboard Management Controller (BMC) firmware	Affected: Versions before 1.43.91f76955.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:58.489Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) Baseboard Management Controller (BMC) firmware",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions before 1.43.91f76955."
            }
          ]
        }
      ],
      "datePublic": "2018-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege, Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-12T18:57:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-09-11T00:00:00",
          "ID": "CVE-2018-12171",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) Baseboard Management Controller (BMC) firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions before 1.43.91f76955."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege, Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-12171",
    "datePublished": "2018-09-12T19:00:00Z",
    "dateReserved": "2018-06-11T00:00:00",
    "dateUpdated": "2024-09-16T20:02:17.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.43.91f76955\", \"matchCriteriaId\": \"9B3F541B-3A23-4DD1-829D-2CF8A9698EDE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B49A0E57-126A-4C60-A748-5D357E7B4670\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34BB3CD5-DF01-40A8-9906-5C5B306C1B85\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B3CC4D7-1756-44DB-814D-57106E6826C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7819ABC6-800C-4141-A31F-14CBE788EF62\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"106C758A-F23A-48B3-8360-A10212AF50E3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F002684-C456-40F0-AA2A-97C79AE5EECA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"796E437A-B972-4D30-B0A4-53366693C7DF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D9CC284-540E-492A-A0E6-A193DEAD3102\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24786B0E-36AC-4DBD-8778-DC836CF81CB1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9EADDC0-0AAE-4445-9764-1C54E3898FFD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E09B1290-FAD0-4869-A1FA-A4D12BB602CD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1DD69C7-9E7C-4569-9971-A06F77028BB7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DEF6206-E94C-4C16-8D91-AD776D62F79F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A47AC30-315C-4E4B-BBBB-305FA5131281\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF575955-C7E1-4DD6-8AAE-5930EDFEDA93\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B83196F-06BD-41D6-A6B8-C7ABD25CA238\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30E49457-D38D-4145-81F2-7FA4D463CD24\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13C6540A-C5E4-46E5-BB7C-E4C53904AE68\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D952C1D5-581F-4ADC-8DB5-3682DC8588CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31EF6A93-7FDE-43A7-BB5D-1DD52318F60D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98B6DF59-DF1E-4D9C-B574-37DC398B16AB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6982CB5F-4448-48D4-BD3A-782874AB2304\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B14E3D1D-B614-458D-8F78-E25CC89B311E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A08E8AD9-CA53-4F39-820E-D4A4D2D319EB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DDFAF1C-E386-4F35-8A81-492713F10A92\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:s2600wfo:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CDAD0D9-C4DD-42B5-AC7F-4C53F406B762\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F105271A-9DC1-42CE-9D19-E4A55BE1F04E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.\"}, {\"lang\": \"es\", \"value\": \"Escalado de privilegios en el firmware de Intel Baseboard Management Controller (BMC) en versiones anteriores a la 1.43.91f76955 podr\\u00eda permitir que un usuario sin privilegios ejecute c\\u00f3digo arbitrario o realice una denegaci\\u00f3n de servicio (DoS) en la red.\"}]",
      "id": "CVE-2018-12171",
      "lastModified": "2024-11-21T03:44:41.537",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-09-12T19:29:01.980",
      "references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-12171\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2018-09-12T19:29:01.980\",\"lastModified\":\"2024-11-21T03:44:41.537\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.\"},{\"lang\":\"es\",\"value\":\"Escalado de privilegios en el firmware de Intel Baseboard Management Controller (BMC) en versiones anteriores a la 1.43.91f76955 podr\u00eda permitir que un usuario sin privilegios ejecute c\u00f3digo arbitrario o realice una denegaci\u00f3n de servicio (DoS) en la red.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.43.91f76955\",\"matchCriteriaId\":\"9B3F541B-3A23-4DD1-829D-2CF8A9698EDE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B49A0E57-126A-4C60-A748-5D357E7B4670\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34BB3CD5-DF01-40A8-9906-5C5B306C1B85\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3CC4D7-1756-44DB-814D-57106E6826C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7819ABC6-800C-4141-A31F-14CBE788EF62\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"106C758A-F23A-48B3-8360-A10212AF50E3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F002684-C456-40F0-AA2A-97C79AE5EECA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"796E437A-B972-4D30-B0A4-53366693C7DF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9CC284-540E-492A-A0E6-A193DEAD3102\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24786B0E-36AC-4DBD-8778-DC836CF81CB1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9EADDC0-0AAE-4445-9764-1C54E3898FFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E09B1290-FAD0-4869-A1FA-A4D12BB602CD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1DD69C7-9E7C-4569-9971-A06F77028BB7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DEF6206-E94C-4C16-8D91-AD776D62F79F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A47AC30-315C-4E4B-BBBB-305FA5131281\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF575955-C7E1-4DD6-8AAE-5930EDFEDA93\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B83196F-06BD-41D6-A6B8-C7ABD25CA238\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30E49457-D38D-4145-81F2-7FA4D463CD24\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13C6540A-C5E4-46E5-BB7C-E4C53904AE68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D952C1D5-581F-4ADC-8DB5-3682DC8588CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31EF6A93-7FDE-43A7-BB5D-1DD52318F60D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98B6DF59-DF1E-4D9C-B574-37DC398B16AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6982CB5F-4448-48D4-BD3A-782874AB2304\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B14E3D1D-B614-458D-8F78-E25CC89B311E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A08E8AD9-CA53-4F39-820E-D4A4D2D319EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DDFAF1C-E386-4F35-8A81-492713F10A92\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:s2600wfo:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDAD0D9-C4DD-42B5-AC7F-4C53F406B762\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F105271A-9DC1-42CE-9D19-E4A55BE1F04E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2018-AVI-432

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Server Board S2600WT (Grantley)
Intel	N/A	Intel Server Board S2600TP (Grantley)
Intel	N/A	Intel Server Board S2600BP (Purley)
Intel	N/A	Intel Server Board S2600WF
Intel	N/A	Intel Server Board S2600ST
Intel	N/A	Intel Extreme Tuning Utility versions antérieures à 6.4.1.23.
Intel	N/A	Intel Driver & Support Assistant versions antérieures à 3.5.0.1
Intel	N/A	Intel Computing Improvement Program versions antérieures à 2.2.0.03942
Intel	N/A	Intel Data Migration Software versions 3.1 et antérieures
Intel	N/A	Intel OpenVINO Toolkit pour Windows versions 2018.1.265 et antérieures
Intel	N/A	Intel IoT Developers Kit versions 4.0 et antérieures
Intel	N/A	Intel NUC Kit NUC7CJYH
Intel	N/A	Intel NUC Kit NUC8i7HNK
Intel	N/A	Intel Compute Card CD1M3128MK
Intel	N/A	Intel Compute Card CD1IV128MK
Intel	N/A	Intel Compute Card CD1P64GK
Intel	N/A	Intel NUC Kit NUC7i7DNKE
Intel	N/A	Intel NUC Kit NUC7i5DNKE
Intel	N/A	Intel NUC Kit NUC7i3DNHE
Intel	N/A	Intel NUC Kit NUC7i7BNH
Intel	N/A	Intel NUC Kit NUC6CAYS
Intel	N/A	Intel NUC Kit DE3815TYBE
Intel	N/A	Intel NUC Kit NUC6i5SYH
Intel	N/A	Intel NUC Kit NUC6i7KYK
Intel	N/A	Intel NUC Kit NUC5PGYH
Intel	N/A	Intel NUC Kit NUC5CPYH
Intel	N/A	Intel NUC Kit NUC5i7RYH
Intel	N/A	Intel NUC Kit NUC5i5MYHE
Intel	N/A	Intel NUC Kit NUC5i3MYHE
Intel	N/A	Intel NUC Kit DN2820FYKH
Intel	N/A	Intel NUC Kit D54250WYB
Intel	N/A	Intel NUC Kit D53427RKE
Intel	N/A	Intel NUC Kit D33217GKE
Intel	N/A	Intel Compute Stick STK2mv64CC
Intel	N/A	Intel Compute Stick STK2m3W64CC
Intel	N/A	Intel Compute Stick STK1AW32SC
Intel	N/A	Intel Compute Stick STCK1A32WFC
Intel	N/A	Intel Centrino Wireless-N 135
Intel	N/A	Intel Centrino Wireless-N 2230
Intel	N/A	Intel Centrino Advanced-N 6235
Intel	N/A	Intel Centrino Wireless-N 130
Intel	N/A	Intel Centrino Wireless-N 1030
Intel	N/A	Intel Centrino Advanced-N 6230
Intel	N/A	Intel Distribution pour Python 2018 téléchargé avant le 6 août 2018
Intel	N/A	Processeur Intel Atom C3000 Series Platform avec un microgiciel antérieure à 4.00.04.177.0
Intel	N/A	Processeur Intel Xeon D-2100 Family Platform avec un microgiciel antérieure à 4.00.04.077.0
Intel	N/A	Processeur Intel Xeon Scalable Family Platforms avec un microgiciel antérieure à 4.00.04.381.0
Intel	N/A	Processeur Intel C620 Series Chipset Family (PCIe End Point Mode) avec un microgiciel antérieure à 4.00.04.381.0
Intel	N/A	Processeur Intel QuickAssist Adapter 8960/8970 Products avec un microgiciel antérieure à 4.x.05
Intel	N/A	Processeur de la famille Intel Core de 6ème génération avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur de la famille Intel Core de 7ème génération avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur de la famille Intel Core de 8ème génération avec un microgiciel (CSME) antérieure à 12.0.6
Intel	N/A	Processeur Intel Xeon E3-1200/1500 v5 avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur Intel Xeon E3-1200/1500 v6 avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur Intel Xeon W avec un microgiciel (CSME) antérieure à 11.11.55
Intel	N/A	Processeur Intel Core X-Series avec un microgiciel (CSME) antérieure à 11.11.55
Intel	N/A	Processeur Intel Xeon Scalable avec un microgiciel (CSME) antérieure à 11.21.55
Intel	N/A	Intel CSME versions antérieures à 11.8.55
Intel	N/A	Intel CSME versions antérieures à 11.11.55
Intel	N/A	Intel CSME versions antérieures à 11.21.55
Intel	N/A	Intel CSME versions antérieures à 12.0.6
Intel	N/A	Intel ME versions antérieures à 10.0.60
Intel	N/A	Intel ME versions antérieures à 9.5.65
Intel	N/A	Intel ME versions antérieures à 9.1.45
Intel	N/A	Intel Trusted Execution Engine (TXE) versions antérieures à 3.1.55
Intel	N/A	Intel Trusted Execution Engine (TXE) versions antérieures à 4.0.5
Intel	N/A	Intel Data Center manager versions antérieures à 5.1
Intel	N/A	Outil de détection pour la vulnérabilité Intel-SA-00086 en version antérieure à 1.2.7.0
Intel	N/A	Intel Server Platform Service microgiciel antérieures à SPS_SoC-A_04.00.04.177.0
Intel	N/A	Intel Server Platform Service microgiciel antérieures à SPS_SoC-X_04.00.04.077.0
Intel	N/A	Intel Server Platform Service microgiciel antérieures à SPS_E5_04.00.04.381.0

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-00119 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00125 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00162 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00181 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00149 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00148 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00141 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00173 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00177 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00165 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00170 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00172 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00142 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00176 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00143 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00131 du 11 septembre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel Server Board S2600WT (Grantley)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600TP (Grantley)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600BP (Purley)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600WF",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600ST",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Extreme Tuning Utility versions ant\u00e9rieures \u00e0 6.4.1.23.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 3.5.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.2.0.03942",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Migration Software versions 3.1 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel OpenVINO Toolkit pour Windows versions 2018.1.265 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel IoT Developers Kit versions 4.0 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7CJYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC8i7HNK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1M3128MK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1IV128MK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1P64GK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i5DNKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i3DNHE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7BNH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC6CAYS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit DE3815TYBE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC6i5SYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC6i7KYK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5PGYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5CPYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5i7RYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5i5MYHE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5i3MYHE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit DN2820FYKH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit D54250WYB",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit D53427RKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit D33217GKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK2mv64CC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK2m3W64CC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK1AW32SC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STCK1A32WFC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 135",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 2230",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Advanced-N 6235",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 130",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 1030",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Advanced-N 6230",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Distribution pour Python 2018 t\u00e9l\u00e9charg\u00e9 avant le 6 ao\u00fbt 2018",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Atom C3000 Series Platform avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.177.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon D-2100 Family Platform avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.077.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon Scalable Family Platforms avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.381.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel C620 Series Chipset Family (PCIe End Point Mode) avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.381.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel QuickAssist Adapter 8960/8970 Products avec un microgiciel ant\u00e9rieure \u00e0 4.x.05",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur de la famille Intel Core de 6\u00e8me g\u00e9n\u00e9ration avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur de la famille Intel Core de 7\u00e8me g\u00e9n\u00e9ration avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur de la famille Intel Core de 8\u00e8me g\u00e9n\u00e9ration avec un microgiciel (CSME) ant\u00e9rieure \u00e0 12.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon E3-1200/1500 v5 avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon E3-1200/1500 v6 avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon W avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Core X-Series avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon Scalable avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.21.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 11.21.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 12.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ME versions ant\u00e9rieures \u00e0 10.0.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ME versions ant\u00e9rieures \u00e0 9.5.65",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ME versions ant\u00e9rieures \u00e0 9.1.45",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine (TXE) versions ant\u00e9rieures \u00e0 3.1.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine (TXE) versions ant\u00e9rieures \u00e0 4.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Center manager versions ant\u00e9rieures \u00e0 5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Outil de d\u00e9tection pour la vuln\u00e9rabilit\u00e9 Intel-SA-00086 en version ant\u00e9rieure \u00e0 1.2.7.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Service microgiciel ant\u00e9rieures \u00e0 SPS_SoC-A_04.00.04.177.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Service microgiciel ant\u00e9rieures \u00e0 SPS_SoC-X_04.00.04.077.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Service microgiciel ant\u00e9rieures \u00e0 SPS_E5_04.00.04.381.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-12162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12162"
    },
    {
      "name": "CVE-2018-3655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3655"
    },
    {
      "name": "CVE-2018-12160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12160"
    },
    {
      "name": "CVE-2018-3657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3657"
    },
    {
      "name": "CVE-2018-3669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3669"
    },
    {
      "name": "CVE-2018-12151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12151"
    },
    {
      "name": "CVE-2018-12148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12148"
    },
    {
      "name": "CVE-2018-12149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12149"
    },
    {
      "name": "CVE-2018-12176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12176"
    },
    {
      "name": "CVE-2018-3659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3659"
    },
    {
      "name": "CVE-2018-12171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12171"
    },
    {
      "name": "CVE-2018-3658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3658"
    },
    {
      "name": "CVE-2018-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3643"
    },
    {
      "name": "CVE-2018-12175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12175"
    },
    {
      "name": "CVE-2018-3616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3616"
    },
    {
      "name": "CVE-2017-15361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15361"
    },
    {
      "name": "CVE-2018-12150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12150"
    },
    {
      "name": "CVE-2018-12163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12163"
    },
    {
      "name": "CVE-2018-3686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3686"
    },
    {
      "name": "CVE-2018-3679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3679"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-432",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-09-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00119 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00119.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00125 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00162 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00162.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00181 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00149 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00148 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00141 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00173 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00173.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00177 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00177.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00165 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00165.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00170 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00170.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00172 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00142 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00176 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00143 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00143.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00131 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html"
    }
  ]
}

CERTFR-2018-AVI-432

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Server Board S2600WT (Grantley)
Intel	N/A	Intel Server Board S2600TP (Grantley)
Intel	N/A	Intel Server Board S2600BP (Purley)
Intel	N/A	Intel Server Board S2600WF
Intel	N/A	Intel Server Board S2600ST
Intel	N/A	Intel Extreme Tuning Utility versions antérieures à 6.4.1.23.
Intel	N/A	Intel Driver & Support Assistant versions antérieures à 3.5.0.1
Intel	N/A	Intel Computing Improvement Program versions antérieures à 2.2.0.03942
Intel	N/A	Intel Data Migration Software versions 3.1 et antérieures
Intel	N/A	Intel OpenVINO Toolkit pour Windows versions 2018.1.265 et antérieures
Intel	N/A	Intel IoT Developers Kit versions 4.0 et antérieures
Intel	N/A	Intel NUC Kit NUC7CJYH
Intel	N/A	Intel NUC Kit NUC8i7HNK
Intel	N/A	Intel Compute Card CD1M3128MK
Intel	N/A	Intel Compute Card CD1IV128MK
Intel	N/A	Intel Compute Card CD1P64GK
Intel	N/A	Intel NUC Kit NUC7i7DNKE
Intel	N/A	Intel NUC Kit NUC7i5DNKE
Intel	N/A	Intel NUC Kit NUC7i3DNHE
Intel	N/A	Intel NUC Kit NUC7i7BNH
Intel	N/A	Intel NUC Kit NUC6CAYS
Intel	N/A	Intel NUC Kit DE3815TYBE
Intel	N/A	Intel NUC Kit NUC6i5SYH
Intel	N/A	Intel NUC Kit NUC6i7KYK
Intel	N/A	Intel NUC Kit NUC5PGYH
Intel	N/A	Intel NUC Kit NUC5CPYH
Intel	N/A	Intel NUC Kit NUC5i7RYH
Intel	N/A	Intel NUC Kit NUC5i5MYHE
Intel	N/A	Intel NUC Kit NUC5i3MYHE
Intel	N/A	Intel NUC Kit DN2820FYKH
Intel	N/A	Intel NUC Kit D54250WYB
Intel	N/A	Intel NUC Kit D53427RKE
Intel	N/A	Intel NUC Kit D33217GKE
Intel	N/A	Intel Compute Stick STK2mv64CC
Intel	N/A	Intel Compute Stick STK2m3W64CC
Intel	N/A	Intel Compute Stick STK1AW32SC
Intel	N/A	Intel Compute Stick STCK1A32WFC
Intel	N/A	Intel Centrino Wireless-N 135
Intel	N/A	Intel Centrino Wireless-N 2230
Intel	N/A	Intel Centrino Advanced-N 6235
Intel	N/A	Intel Centrino Wireless-N 130
Intel	N/A	Intel Centrino Wireless-N 1030
Intel	N/A	Intel Centrino Advanced-N 6230
Intel	N/A	Intel Distribution pour Python 2018 téléchargé avant le 6 août 2018
Intel	N/A	Processeur Intel Atom C3000 Series Platform avec un microgiciel antérieure à 4.00.04.177.0
Intel	N/A	Processeur Intel Xeon D-2100 Family Platform avec un microgiciel antérieure à 4.00.04.077.0
Intel	N/A	Processeur Intel Xeon Scalable Family Platforms avec un microgiciel antérieure à 4.00.04.381.0
Intel	N/A	Processeur Intel C620 Series Chipset Family (PCIe End Point Mode) avec un microgiciel antérieure à 4.00.04.381.0
Intel	N/A	Processeur Intel QuickAssist Adapter 8960/8970 Products avec un microgiciel antérieure à 4.x.05
Intel	N/A	Processeur de la famille Intel Core de 6ème génération avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur de la famille Intel Core de 7ème génération avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur de la famille Intel Core de 8ème génération avec un microgiciel (CSME) antérieure à 12.0.6
Intel	N/A	Processeur Intel Xeon E3-1200/1500 v5 avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur Intel Xeon E3-1200/1500 v6 avec un microgiciel (CSME) antérieure à 11.8.55
Intel	N/A	Processeur Intel Xeon W avec un microgiciel (CSME) antérieure à 11.11.55
Intel	N/A	Processeur Intel Core X-Series avec un microgiciel (CSME) antérieure à 11.11.55
Intel	N/A	Processeur Intel Xeon Scalable avec un microgiciel (CSME) antérieure à 11.21.55
Intel	N/A	Intel CSME versions antérieures à 11.8.55
Intel	N/A	Intel CSME versions antérieures à 11.11.55
Intel	N/A	Intel CSME versions antérieures à 11.21.55
Intel	N/A	Intel CSME versions antérieures à 12.0.6
Intel	N/A	Intel ME versions antérieures à 10.0.60
Intel	N/A	Intel ME versions antérieures à 9.5.65
Intel	N/A	Intel ME versions antérieures à 9.1.45
Intel	N/A	Intel Trusted Execution Engine (TXE) versions antérieures à 3.1.55
Intel	N/A	Intel Trusted Execution Engine (TXE) versions antérieures à 4.0.5
Intel	N/A	Intel Data Center manager versions antérieures à 5.1
Intel	N/A	Outil de détection pour la vulnérabilité Intel-SA-00086 en version antérieure à 1.2.7.0
Intel	N/A	Intel Server Platform Service microgiciel antérieures à SPS_SoC-A_04.00.04.177.0
Intel	N/A	Intel Server Platform Service microgiciel antérieures à SPS_SoC-X_04.00.04.077.0
Intel	N/A	Intel Server Platform Service microgiciel antérieures à SPS_E5_04.00.04.381.0

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-00119 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00125 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00162 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00181 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00149 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00148 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00141 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00173 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00177 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00165 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00170 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00172 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00142 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00176 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00143 du 11 septembre 2018	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00131 du 11 septembre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel Server Board S2600WT (Grantley)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600TP (Grantley)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600BP (Purley)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600WF",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board S2600ST",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Extreme Tuning Utility versions ant\u00e9rieures \u00e0 6.4.1.23.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 3.5.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.2.0.03942",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Migration Software versions 3.1 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel OpenVINO Toolkit pour Windows versions 2018.1.265 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel IoT Developers Kit versions 4.0 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7CJYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC8i7HNK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1M3128MK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1IV128MK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1P64GK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i5DNKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i3DNHE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7BNH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC6CAYS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit DE3815TYBE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC6i5SYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC6i7KYK",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5PGYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5CPYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5i7RYH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5i5MYHE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC5i3MYHE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit DN2820FYKH",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit D54250WYB",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit D53427RKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit D33217GKE",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK2mv64CC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK2m3W64CC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK1AW32SC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STCK1A32WFC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 135",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 2230",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Advanced-N 6235",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 130",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Wireless-N 1030",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Centrino Advanced-N 6230",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Distribution pour Python 2018 t\u00e9l\u00e9charg\u00e9 avant le 6 ao\u00fbt 2018",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Atom C3000 Series Platform avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.177.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon D-2100 Family Platform avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.077.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon Scalable Family Platforms avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.381.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel C620 Series Chipset Family (PCIe End Point Mode) avec un microgiciel ant\u00e9rieure \u00e0 4.00.04.381.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel QuickAssist Adapter 8960/8970 Products avec un microgiciel ant\u00e9rieure \u00e0 4.x.05",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur de la famille Intel Core de 6\u00e8me g\u00e9n\u00e9ration avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur de la famille Intel Core de 7\u00e8me g\u00e9n\u00e9ration avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur de la famille Intel Core de 8\u00e8me g\u00e9n\u00e9ration avec un microgiciel (CSME) ant\u00e9rieure \u00e0 12.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon E3-1200/1500 v5 avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon E3-1200/1500 v6 avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon W avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Core X-Series avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Xeon Scalable avec un microgiciel (CSME) ant\u00e9rieure \u00e0 11.21.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 11.21.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions ant\u00e9rieures \u00e0 12.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ME versions ant\u00e9rieures \u00e0 10.0.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ME versions ant\u00e9rieures \u00e0 9.5.65",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ME versions ant\u00e9rieures \u00e0 9.1.45",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine (TXE) versions ant\u00e9rieures \u00e0 3.1.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine (TXE) versions ant\u00e9rieures \u00e0 4.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Center manager versions ant\u00e9rieures \u00e0 5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Outil de d\u00e9tection pour la vuln\u00e9rabilit\u00e9 Intel-SA-00086 en version ant\u00e9rieure \u00e0 1.2.7.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Service microgiciel ant\u00e9rieures \u00e0 SPS_SoC-A_04.00.04.177.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Service microgiciel ant\u00e9rieures \u00e0 SPS_SoC-X_04.00.04.077.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Service microgiciel ant\u00e9rieures \u00e0 SPS_E5_04.00.04.381.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-12162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12162"
    },
    {
      "name": "CVE-2018-3655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3655"
    },
    {
      "name": "CVE-2018-12160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12160"
    },
    {
      "name": "CVE-2018-3657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3657"
    },
    {
      "name": "CVE-2018-3669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3669"
    },
    {
      "name": "CVE-2018-12151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12151"
    },
    {
      "name": "CVE-2018-12148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12148"
    },
    {
      "name": "CVE-2018-12149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12149"
    },
    {
      "name": "CVE-2018-12176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12176"
    },
    {
      "name": "CVE-2018-3659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3659"
    },
    {
      "name": "CVE-2018-12171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12171"
    },
    {
      "name": "CVE-2018-3658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3658"
    },
    {
      "name": "CVE-2018-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3643"
    },
    {
      "name": "CVE-2018-12175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12175"
    },
    {
      "name": "CVE-2018-3616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3616"
    },
    {
      "name": "CVE-2017-15361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15361"
    },
    {
      "name": "CVE-2018-12150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12150"
    },
    {
      "name": "CVE-2018-12163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12163"
    },
    {
      "name": "CVE-2018-3686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3686"
    },
    {
      "name": "CVE-2018-3679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3679"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-432",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-09-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00119 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00119.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00125 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00162 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00162.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00181 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00149 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00148 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00148.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00141 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00173 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00173.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00177 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00177.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00165 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00165.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00170 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00170.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00172 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00142 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00176 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00143 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00143.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00131 du 11 septembre 2018",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html"
    }
  ]
}

GSD-2018-12171

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-12171

Aliases

CVE-2018-12171

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-12171",
    "description": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.",
    "id": "GSD-2018-12171"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-12171"
      ],
      "details": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.",
      "id": "GSD-2018-12171",
      "modified": "2023-12-13T01:22:30.242205Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2018-09-11T00:00:00",
        "ID": "CVE-2018-12171",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Baseboard Management Controller (BMC) firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Versions before 1.43.91f76955."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Escalation of Privilege, Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html",
            "refsource": "CONFIRM",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.43.91f76955",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:s2600wfo:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-12171"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-09-12T19:29Z"
    }
  }
}

GHSA-J5H2-3R9V-6FHH

Vulnerability from github – Published: 2022-05-13 01:49 – Updated: 2022-05-13 01:49

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-12171"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-09-12T19:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.",
  "id": "GHSA-j5h2-3r9v-6fhh",
  "modified": "2022-05-13T01:49:29Z",
  "published": "2022-05-13T01:49:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12171"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2018-12171

Vulnerability from fkie_nvd - Published: 2018-09-12 19:29 - Updated: 2024-11-21 03:44

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html	Vendor Advisory

Impacted products

Vendor	Product	Version
intel	bmc_firmware	*
intel	bbs2600bpb	-
intel	bbs2600bpq	-
intel	bbs2600bps	-
intel	bbs2600stb	-
intel	bbs2600stq	-
intel	hns2600bpb	-
intel	hns2600bpb24	-
intel	hns2600bpblc	-
intel	hns2600bpblc24	-
intel	hns2600bpq	-
intel	hns2600bpq24	-
intel	hns2600bps	-
intel	hns2600bps24	-
intel	r1208wftys	-
intel	r1304wf0ys	-
intel	r1304wftys	-
intel	r2208wf0zs	-
intel	r2208wfqzs	-
intel	r2208wftzs	-
intel	r2224wfqzs	-
intel	r2224wftzs	-
intel	r2308wftzs	-
intel	r2312wf0np	-
intel	r2312wfqzs	-
intel	r2312wftzs	-
intel	s2600stb	-
intel	s2600stq	-
intel	s2600wfo	-
intel	s2600wfq	-
intel	s2600wft	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3F541B-3A23-4DD1-829D-2CF8A9698EDE",
              "versionEndExcluding": "1.43.91f76955",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B49A0E57-126A-4C60-A748-5D357E7B4670",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "34BB3CD5-DF01-40A8-9906-5C5B306C1B85",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B3CC4D7-1756-44DB-814D-57106E6826C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7819ABC6-800C-4141-A31F-14CBE788EF62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C758A-F23A-48B3-8360-A10212AF50E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F002684-C456-40F0-AA2A-97C79AE5EECA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "796E437A-B972-4D30-B0A4-53366693C7DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9CC284-540E-492A-A0E6-A193DEAD3102",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24786B0E-36AC-4DBD-8778-DC836CF81CB1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EADDC0-0AAE-4445-9764-1C54E3898FFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09B1290-FAD0-4869-A1FA-A4D12BB602CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1DD69C7-9E7C-4569-9971-A06F77028BB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DEF6206-E94C-4C16-8D91-AD776D62F79F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A47AC30-315C-4E4B-BBBB-305FA5131281",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B83196F-06BD-41D6-A6B8-C7ABD25CA238",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E49457-D38D-4145-81F2-7FA4D463CD24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C6540A-C5E4-46E5-BB7C-E4C53904AE68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D952C1D5-581F-4ADC-8DB5-3682DC8588CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98B6DF59-DF1E-4D9C-B574-37DC398B16AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6982CB5F-4448-48D4-BD3A-782874AB2304",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B14E3D1D-B614-458D-8F78-E25CC89B311E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DDFAF1C-E386-4F35-8A81-492713F10A92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:s2600wfo:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDAD0D9-C4DD-42B5-AC7F-4C53F406B762",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F105271A-9DC1-42CE-9D19-E4A55BE1F04E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network."
    },
    {
      "lang": "es",
      "value": "Escalado de privilegios en el firmware de Intel Baseboard Management Controller (BMC) en versiones anteriores a la 1.43.91f76955 podr\u00eda permitir que un usuario sin privilegios ejecute c\u00f3digo arbitrario o realice una denegaci\u00f3n de servicio (DoS) en la red."
    }
  ],
  "id": "CVE-2018-12171",
  "lastModified": "2024-11-21T03:44:41.537",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-09-12T19:29:01.980",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00149.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-12171 (GCVE-0-2018-12171)

CERTFR-2018-AVI-432

Solution

CERTFR-2018-AVI-432

Solution

GSD-2018-12171

GHSA-J5H2-3R9V-6FHH

FKIE_CVE-2018-12171

Tags

Sightings

Nomenclature