Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-11103 (GCVE-0-2019-11103)
Vulnerability from cvelistv5 – Published: 2019-12-18 21:08 – Updated: 2024-08-04 22:40
VLAI?
EPSS
Summary
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege, Denial of Service, Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Affected:
See provided reference
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:16.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) CSME",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See provided reference"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege, Denial of Service, Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T21:08:27",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2019-11103",
"datePublished": "2019-12-18T21:08:27",
"dateReserved": "2019-04-11T00:00:00",
"dateUpdated": "2024-08-04T22:40:16.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.0\", \"versionEndExcluding\": \"12.0.45\", \"matchCriteriaId\": \"BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.0\", \"versionEndExcluding\": \"13.0.10\", \"matchCriteriaId\": \"219FA251-B255-4CCC-9FAE-A36C542160E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.0.0\", \"versionEndExcluding\": \"14.0.10\", \"matchCriteriaId\": \"F6BBE6CE-6551-47F9-970D-9C85128EBCDC\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.\"}, {\"lang\": \"es\", \"value\": \"Una comprobaci\\u00f3n de entrada insuficiente en el software de actualizaci\\u00f3n de firmware para Intel\\u00ae CSME versiones anteriores a 12.0.45,13.0.10 y 14.0.10, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local.\"}]",
"id": "CVE-2019-11103",
"lastModified": "2024-11-21T04:20:32.547",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-12-18T22:15:12.643",
"references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-11103\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-12-18T22:15:12.643\",\"lastModified\":\"2024-11-21T04:20:32.547\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"Una comprobaci\u00f3n de entrada insuficiente en el software de actualizaci\u00f3n de firmware para Intel\u00ae CSME versiones anteriores a 12.0.45,13.0.10 y 14.0.10, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.0.45\",\"matchCriteriaId\":\"BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0\",\"versionEndExcluding\":\"13.0.10\",\"matchCriteriaId\":\"219FA251-B255-4CCC-9FAE-A36C542160E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndExcluding\":\"14.0.10\",\"matchCriteriaId\":\"F6BBE6CE-6551-47F9-970D-9C85128EBCDC\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2019-AVI-563
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les microgiciels Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel PTT versions antérieures à 11.8.65, 11.11.65, 11.22.65, 12.0.35, 13.0.1201 et 14.0.10 | ||
| Intel | N/A | Intel SPS versions SPS_SoC-X_x antérieures à SPS_SoC-X_04.00.04.086.0 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.2x antérieures à 11.22.70 | ||
| Intel | N/A | Les processeurs Intel, voir le site du constructeur pour les modèles vulnérables (cf. section documentation) | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 13.x antérieures à 13.0.10 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 12.0.x antérieures à 12.0.45 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions antérieures à 11.8.70 | ||
| Intel | N/A | Intel SPS versions SPS_E5_x antérieures à SPS_E5_04.00.04.381.0 | ||
| Intel | N/A | Intel SPS versions SPS_E3_x antérieures à SPS_E3_04.01.04.054.0 | ||
| Intel | N/A | Intel SPS versions SPS_SoC-A_x antérieures à SPS_SoC-A_04.00.04.181.0 | ||
| Intel | N/A | Le microgiciel des contrôleurs Ethernet Intel séries 700 versions antérieures à 7.0 | ||
| Intel | N/A | Intel Baseboard Management Controller (BMC), voir le site du constructeur pour les modèles vulnérables (cf. section documentation) | ||
| Intel | N/A | Le logiciel pour contrôleurs Ethernet Intel séries 700 versions antérieure à 24.0 | ||
| Intel | N/A | Intel TXE versions 3.0.x et 3.1.x antérieures à 3.1.70 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.10.x et 11.11.x antérieures à 11.11.70 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 14.x antérieures à 14.0.10 | ||
| Intel | N/A | Intel TXE versions 4.0.x antérieures à 4.0.20 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel PTT versions ant\u00e9rieures \u00e0 11.8.65, 11.11.65, 11.22.65, 12.0.35, 13.0.1201 et 14.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_SoC-X_x ant\u00e9rieures \u00e0 SPS_SoC-X_04.00.04.086.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.2x ant\u00e9rieures \u00e0 11.22.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Les processeurs Intel, voir le site du constructeur pour les mod\u00e8les vuln\u00e9rables (cf. section documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 13.x ant\u00e9rieures \u00e0 13.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 12.0.x ant\u00e9rieures \u00e0 12.0.45",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions ant\u00e9rieures \u00e0 11.8.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_E5_x ant\u00e9rieures \u00e0 SPS_E5_04.00.04.381.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_E3_x ant\u00e9rieures \u00e0 SPS_E3_04.01.04.054.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_SoC-A_x ant\u00e9rieures \u00e0 SPS_SoC-A_04.00.04.181.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Le microgiciel des contr\u00f4leurs Ethernet Intel s\u00e9ries 700 versions ant\u00e9rieures \u00e0 7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Baseboard Management Controller (BMC), voir le site du constructeur pour les mod\u00e8les vuln\u00e9rables (cf. section documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Le logiciel pour contr\u00f4leurs Ethernet Intel s\u00e9ries 700 versions ant\u00e9rieure \u00e0 24.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TXE versions 3.0.x et 3.1.x ant\u00e9rieures \u00e0 3.1.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.10.x et 11.11.x ant\u00e9rieures \u00e0 11.11.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 14.x ant\u00e9rieures \u00e0 14.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TXE versions 4.0.x ant\u00e9rieures \u00e0 4.0.20",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0143",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0143"
},
{
"name": "CVE-2019-11179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11179"
},
{
"name": "CVE-2019-11139",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11139"
},
{
"name": "CVE-2019-0150",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0150"
},
{
"name": "CVE-2019-0152",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0152"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2019-0117",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0117"
},
{
"name": "CVE-2019-11170",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11170"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2019-11137",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11137"
},
{
"name": "CVE-2019-0154",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2019-11175",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11175"
},
{
"name": "CVE-2019-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0139"
},
{
"name": "CVE-2019-0140",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0140"
},
{
"name": "CVE-2019-11172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11172"
},
{
"name": "CVE-2019-11177",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11177"
},
{
"name": "CVE-2019-11135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2019-0141",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0141"
},
{
"name": "CVE-2019-11136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11136"
},
{
"name": "CVE-2019-0149",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0149"
},
{
"name": "CVE-2019-11181",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11181"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2019-0144",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0144"
},
{
"name": "CVE-2019-11173",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11173"
},
{
"name": "CVE-2019-11182",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11182"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2019-0124",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0124"
},
{
"name": "CVE-2019-0151",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0151"
},
{
"name": "CVE-2019-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11168"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2019-11171",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11171"
},
{
"name": "CVE-2018-12207",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12207"
},
{
"name": "CVE-2019-0142",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0142"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2019-0146",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0146"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2019-11178",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11178"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2019-0184",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0184"
},
{
"name": "CVE-2019-0123",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0123"
},
{
"name": "CVE-2019-11180",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11180"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-0148",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0148"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2019-11174",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11174"
},
{
"name": "CVE-2019-0145",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0145"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2019-0147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0147"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-563",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-11-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les microgiciels\nIntel. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les microgiciels Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00313 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00219 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00219.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00270 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00210 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00240 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00255 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00271 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00260 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00280 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00164 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00164.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00241 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00220 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00220.html"
}
]
}
CERTFR-2020-AVI-420
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Space et Junos Space Security Director versions antérieures à 20.1R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2016-2324",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2324"
},
{
"name": "CVE-2013-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
},
{
"name": "CVE-2012-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4447"
},
{
"name": "CVE-2016-3991",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3991"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2014-7826",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7826"
},
{
"name": "CVE-2020-1648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1648"
},
{
"name": "CVE-2016-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3621"
},
{
"name": "CVE-2011-0192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2016-6662",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6662"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2009-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2347"
},
{
"name": "CVE-2014-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3634"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2015-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1782"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2014-7825",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7825"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2020-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1646"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2017-7895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
},
{
"name": "CVE-2012-1173",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
},
{
"name": "CVE-2012-2088",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
},
{
"name": "CVE-2014-9938",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9938"
},
{
"name": "CVE-2015-1158",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
},
{
"name": "CVE-2020-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1651"
},
{
"name": "CVE-2010-2067",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2067"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2016-3945",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3945"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2020-1645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1645"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2020-1640",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1640"
},
{
"name": "CVE-2013-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4244"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1643"
},
{
"name": "CVE-2018-16881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
},
{
"name": "CVE-2015-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
},
{
"name": "CVE-2017-1000117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000117"
},
{
"name": "CVE-2012-5581",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5581"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2014-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
},
{
"name": "CVE-2018-1000613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000613"
},
{
"name": "CVE-2017-12588",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12588"
},
{
"name": "CVE-2016-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0787"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"name": "CVE-2016-3990",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3990"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2018-1000021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000021"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2014-9679",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9679"
},
{
"name": "CVE-2020-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1647"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2020-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1652"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2009-5022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5022"
},
{
"name": "CVE-2016-1835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1835"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2020-1650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1650"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2017-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9935"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2018-5382",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5382"
},
{
"name": "CVE-2014-9584",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2016-5616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5616"
},
{
"name": "CVE-2015-1421",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
},
{
"name": "CVE-2014-9529",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
},
{
"name": "CVE-2020-1654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1654"
},
{
"name": "CVE-2013-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
},
{
"name": "CVE-2015-7082",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7082"
},
{
"name": "CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"name": "CVE-2014-8171",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8171"
},
{
"name": "CVE-2006-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2656"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2018-11233",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11233"
},
{
"name": "CVE-2013-4232",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
},
{
"name": "CVE-2013-4243",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4243"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2011-3200",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3200"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2017-15298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15298"
},
{
"name": "CVE-2014-8884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
},
{
"name": "CVE-2015-1159",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2020-1641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1641"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2013-4758",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4758"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2016-5314",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5314"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2010-2065",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2065"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2010-1411",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
},
{
"name": "CVE-2016-3632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3632"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2015-7547",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7547"
},
{
"name": "CVE-2020-1649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1649"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2012-4564",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
},
{
"name": "CVE-2012-2113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2113"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2014-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3215"
},
{
"name": "CVE-2018-11235",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11235"
},
{
"name": "CVE-2016-6663",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6663"
},
{
"name": "CVE-2018-19486",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19486"
},
{
"name": "CVE-2015-7545",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7545"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2018-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5360"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2020-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1644"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
},
{
"name": "CVE-2012-3401",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3401"
},
{
"name": "CVE-2019-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
},
{
"name": "CVE-2014-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3683"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-420",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11038 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11038\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11024 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11024\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11026 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11027 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11027\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11035 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11035\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11023 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11025 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11034 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11034\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11033 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11033\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11032 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11032\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11036 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11036\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11031 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11031\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11030 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11030\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11037 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11037\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11028 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11028\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2019-AVI-563
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les microgiciels Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel PTT versions antérieures à 11.8.65, 11.11.65, 11.22.65, 12.0.35, 13.0.1201 et 14.0.10 | ||
| Intel | N/A | Intel SPS versions SPS_SoC-X_x antérieures à SPS_SoC-X_04.00.04.086.0 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.2x antérieures à 11.22.70 | ||
| Intel | N/A | Les processeurs Intel, voir le site du constructeur pour les modèles vulnérables (cf. section documentation) | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 13.x antérieures à 13.0.10 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 12.0.x antérieures à 12.0.45 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions antérieures à 11.8.70 | ||
| Intel | N/A | Intel SPS versions SPS_E5_x antérieures à SPS_E5_04.00.04.381.0 | ||
| Intel | N/A | Intel SPS versions SPS_E3_x antérieures à SPS_E3_04.01.04.054.0 | ||
| Intel | N/A | Intel SPS versions SPS_SoC-A_x antérieures à SPS_SoC-A_04.00.04.181.0 | ||
| Intel | N/A | Le microgiciel des contrôleurs Ethernet Intel séries 700 versions antérieures à 7.0 | ||
| Intel | N/A | Intel Baseboard Management Controller (BMC), voir le site du constructeur pour les modèles vulnérables (cf. section documentation) | ||
| Intel | N/A | Le logiciel pour contrôleurs Ethernet Intel séries 700 versions antérieure à 24.0 | ||
| Intel | N/A | Intel TXE versions 3.0.x et 3.1.x antérieures à 3.1.70 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.10.x et 11.11.x antérieures à 11.11.70 | ||
| Intel | N/A | Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 14.x antérieures à 14.0.10 | ||
| Intel | N/A | Intel TXE versions 4.0.x antérieures à 4.0.20 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel PTT versions ant\u00e9rieures \u00e0 11.8.65, 11.11.65, 11.22.65, 12.0.35, 13.0.1201 et 14.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_SoC-X_x ant\u00e9rieures \u00e0 SPS_SoC-X_04.00.04.086.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.2x ant\u00e9rieures \u00e0 11.22.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Les processeurs Intel, voir le site du constructeur pour les mod\u00e8les vuln\u00e9rables (cf. section documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 13.x ant\u00e9rieures \u00e0 13.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 12.0.x ant\u00e9rieures \u00e0 12.0.45",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions ant\u00e9rieures \u00e0 11.8.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_E5_x ant\u00e9rieures \u00e0 SPS_E5_04.00.04.381.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_E3_x ant\u00e9rieures \u00e0 SPS_E3_04.01.04.054.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions SPS_SoC-A_x ant\u00e9rieures \u00e0 SPS_SoC-A_04.00.04.181.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Le microgiciel des contr\u00f4leurs Ethernet Intel s\u00e9ries 700 versions ant\u00e9rieures \u00e0 7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Baseboard Management Controller (BMC), voir le site du constructeur pour les mod\u00e8les vuln\u00e9rables (cf. section documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Le logiciel pour contr\u00f4leurs Ethernet Intel s\u00e9ries 700 versions ant\u00e9rieure \u00e0 24.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TXE versions 3.0.x et 3.1.x ant\u00e9rieures \u00e0 3.1.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 11.10.x et 11.11.x ant\u00e9rieures \u00e0 11.11.70",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME, Intel AMT, Intel DAL et Intel DAL versions 14.x ant\u00e9rieures \u00e0 14.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TXE versions 4.0.x ant\u00e9rieures \u00e0 4.0.20",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0143",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0143"
},
{
"name": "CVE-2019-11179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11179"
},
{
"name": "CVE-2019-11139",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11139"
},
{
"name": "CVE-2019-0150",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0150"
},
{
"name": "CVE-2019-0152",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0152"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2019-0117",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0117"
},
{
"name": "CVE-2019-11170",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11170"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2019-11137",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11137"
},
{
"name": "CVE-2019-0154",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2019-11175",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11175"
},
{
"name": "CVE-2019-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0139"
},
{
"name": "CVE-2019-0140",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0140"
},
{
"name": "CVE-2019-11172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11172"
},
{
"name": "CVE-2019-11177",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11177"
},
{
"name": "CVE-2019-11135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2019-0141",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0141"
},
{
"name": "CVE-2019-11136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11136"
},
{
"name": "CVE-2019-0149",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0149"
},
{
"name": "CVE-2019-11181",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11181"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2019-0144",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0144"
},
{
"name": "CVE-2019-11173",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11173"
},
{
"name": "CVE-2019-11182",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11182"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2019-0124",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0124"
},
{
"name": "CVE-2019-0151",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0151"
},
{
"name": "CVE-2019-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11168"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2019-11171",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11171"
},
{
"name": "CVE-2018-12207",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12207"
},
{
"name": "CVE-2019-0142",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0142"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2019-0146",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0146"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2019-11178",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11178"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2019-0184",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0184"
},
{
"name": "CVE-2019-0123",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0123"
},
{
"name": "CVE-2019-11180",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11180"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-0148",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0148"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2019-11174",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11174"
},
{
"name": "CVE-2019-0145",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0145"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2019-0147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0147"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-563",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-11-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les microgiciels\nIntel. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les microgiciels Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00313 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00219 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00219.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00270 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00210 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00240 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00255 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00271 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00260 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00280 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00164 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00164.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00241 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00220 du 12 novembre 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00220.html"
}
]
}
CERTFR-2020-AVI-420
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Space et Junos Space Security Director versions antérieures à 20.1R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2016-2324",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2324"
},
{
"name": "CVE-2013-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
},
{
"name": "CVE-2012-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4447"
},
{
"name": "CVE-2016-3991",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3991"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2014-7826",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7826"
},
{
"name": "CVE-2020-1648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1648"
},
{
"name": "CVE-2016-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3621"
},
{
"name": "CVE-2011-0192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2016-6662",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6662"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2009-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2347"
},
{
"name": "CVE-2014-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3634"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2015-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1782"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2014-7825",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7825"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2020-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1646"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2017-7895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
},
{
"name": "CVE-2012-1173",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
},
{
"name": "CVE-2012-2088",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
},
{
"name": "CVE-2014-9938",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9938"
},
{
"name": "CVE-2015-1158",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
},
{
"name": "CVE-2020-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1651"
},
{
"name": "CVE-2010-2067",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2067"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2016-3945",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3945"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2020-1645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1645"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2020-1640",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1640"
},
{
"name": "CVE-2013-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4244"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1643"
},
{
"name": "CVE-2018-16881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
},
{
"name": "CVE-2015-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
},
{
"name": "CVE-2017-1000117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000117"
},
{
"name": "CVE-2012-5581",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5581"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2014-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
},
{
"name": "CVE-2018-1000613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000613"
},
{
"name": "CVE-2017-12588",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12588"
},
{
"name": "CVE-2016-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0787"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"name": "CVE-2016-3990",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3990"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2018-1000021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000021"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2014-9679",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9679"
},
{
"name": "CVE-2020-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1647"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2020-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1652"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2009-5022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5022"
},
{
"name": "CVE-2016-1835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1835"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2020-1650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1650"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2017-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9935"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2018-5382",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5382"
},
{
"name": "CVE-2014-9584",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2016-5616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5616"
},
{
"name": "CVE-2015-1421",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
},
{
"name": "CVE-2014-9529",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
},
{
"name": "CVE-2020-1654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1654"
},
{
"name": "CVE-2013-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
},
{
"name": "CVE-2015-7082",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7082"
},
{
"name": "CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"name": "CVE-2014-8171",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8171"
},
{
"name": "CVE-2006-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2656"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2018-11233",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11233"
},
{
"name": "CVE-2013-4232",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
},
{
"name": "CVE-2013-4243",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4243"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2011-3200",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3200"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2017-15298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15298"
},
{
"name": "CVE-2014-8884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
},
{
"name": "CVE-2015-1159",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2020-1641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1641"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2013-4758",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4758"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2016-5314",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5314"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2010-2065",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2065"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2010-1411",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
},
{
"name": "CVE-2016-3632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3632"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2015-7547",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7547"
},
{
"name": "CVE-2020-1649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1649"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2012-4564",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
},
{
"name": "CVE-2012-2113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2113"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2014-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3215"
},
{
"name": "CVE-2018-11235",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11235"
},
{
"name": "CVE-2016-6663",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6663"
},
{
"name": "CVE-2018-19486",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19486"
},
{
"name": "CVE-2015-7545",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7545"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2018-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5360"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2020-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1644"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
},
{
"name": "CVE-2012-3401",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3401"
},
{
"name": "CVE-2019-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
},
{
"name": "CVE-2014-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3683"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-420",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11038 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11038\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11024 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11024\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11026 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11027 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11027\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11035 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11035\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11023 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11025 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11034 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11034\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11033 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11033\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11032 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11032\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11036 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11036\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11031 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11031\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11030 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11030\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11037 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11037\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11028 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11028\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
GSD-2019-11103
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-11103",
"description": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GSD-2019-11103",
"references": [
"https://www.suse.com/security/cve/CVE-2019-11103.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-11103"
],
"details": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GSD-2019-11103",
"modified": "2023-12-13T01:24:02.421943Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) CSME",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0.45",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.0.10",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.10",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11103"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-01-02T17:23Z",
"publishedDate": "2019-12-18T22:15Z"
}
}
}
VAR-201912-1818
Vulnerability from variot - Updated: 2023-12-18 11:15Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) CSME Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A local attacker could exploit this vulnerability to elevate privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1818",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.45"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "13.0.10"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "14.0.10"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "14.0.0"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "13.0"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "NVD",
"id": "CVE-2019-11103"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0.45",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.0.10",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.10",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11103"
}
]
},
"cve": "CVE-2019-11103",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-11103",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142716",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-11103",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-11103",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-683",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142716",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142716"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) CSME Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A local attacker could exploit this vulnerability to elevate privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "VULHUB",
"id": "VHN-142716"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11103",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU90354904",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-683",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-27716",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2344",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142716",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142716"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"id": "VAR-201912-1818",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142716"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:15:10.243000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00241",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
},
{
"title": "Intel Converged Security and Management Engine Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=106331"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142716"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "NVD",
"id": "CVE-2019-11103"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11103"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11103"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90354904/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/intel-csme-amt-dal-sps-txe-multiple-vulnerabilities-31014"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-27716"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2344/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142716"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142716"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-18T00:00:00",
"db": "VULHUB",
"id": "VHN-142716"
},
{
"date": "2020-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"date": "2019-12-18T22:15:12.643000",
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"date": "2019-11-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-02T00:00:00",
"db": "VULHUB",
"id": "VHN-142716"
},
{
"date": "2020-01-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013691"
},
{
"date": "2020-01-02T17:23:40.573000",
"db": "NVD",
"id": "CVE-2019-11103"
},
{
"date": "2020-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel(R) CSME Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-683"
}
],
"trust": 0.6
}
}
FKIE_CVE-2019-11103
Vulnerability from fkie_nvd - Published: 2019-12-18 22:15 - Updated: 2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0",
"versionEndExcluding": "12.0.45",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "219FA251-B255-4CCC-9FAE-A36C542160E0",
"versionEndExcluding": "13.0.10",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BBE6CE-6551-47F9-970D-9C85128EBCDC",
"versionEndExcluding": "14.0.10",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n de entrada insuficiente en el software de actualizaci\u00f3n de firmware para Intel\u00ae CSME versiones anteriores a 12.0.45,13.0.10 y 14.0.10, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local."
}
],
"id": "CVE-2019-11103",
"lastModified": "2024-11-21T04:20:32.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-18T22:15:12.643",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-44HJ-4CVH-Q8J8
Vulnerability from github – Published: 2022-05-24 17:03 – Updated: 2022-05-24 17:03
VLAI?
Details
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2019-11103"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-18T22:15:00Z",
"severity": "MODERATE"
},
"details": "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-44hj-4cvh-q8j8",
"modified": "2022-05-24T17:03:57Z",
"published": "2022-05-24T17:03:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11103"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
WID-SEC-W-2023-1689
Vulnerability from csaf_certbund - Published: 2019-11-12 23:00 - Updated: 2025-08-27 22:00Summary
Intel Prozessoren: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Prozessor ist das zentrale Rechenwerk eines Computers.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Intel Prozessoren ausnutzen, um seine Privilegien zu erhöhen, einen Denial of Service Angriff durchzuführen oder vertrauliche Daten einzusehen.
Betroffene Betriebssysteme
- BIOS/Firmware
- F5 Networks
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Prozessor ist das zentrale Rechenwerk eines Computers.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Intel Prozessoren ausnutzen, um seine Privilegien zu erh\u00f6hen, einen Denial of Service Angriff durchzuf\u00fchren oder vertrauliche Daten einzusehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware\n- F5 Networks\n- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1689 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-1689.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1689 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1689"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00164 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00164.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00210 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00219 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00219.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00220 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00220.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00240 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00241 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00242 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00254 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00254.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00260 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00270 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00271 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00280 vom 2019-11-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4565-1 vom 2019-11-13",
"url": "https://lists.debian.org/debian-security-announce/2019/msg00219.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4564-1 vom 2019-11-13",
"url": "https://lists.debian.org/debian-security-announce/2019/msg00215.html"
},
{
"category": "external",
"summary": "Xen Security Advisory XSA-305 vom 2019-11-12",
"url": "https://xenbits.xen.org/xsa/advisory-305.html"
},
{
"category": "external",
"summary": "Xen Security Advisory XSA-304 vom 2019-11-12",
"url": "https://xenbits.xen.org/xsa/advisory-304.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3832 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3832"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3833 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3833"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3834 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3834"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3835 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3835"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3837 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3837"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3838 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3838"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3839 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3839"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3840 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3840"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3842 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3842"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3844 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3844"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3860 vom 2019-11-12",
"url": "https://access.redhat.com/errata/RHSA-2019:3860"
},
{
"category": "external",
"summary": "Oraclevm-errata OVMSA-2019-0052 vom 2019-11-12",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-November/000966.html"
},
{
"category": "external",
"summary": "The FreeBSD Project Security Advisory FreeBSD-SA-19:25.mcepsc vom 2019-11-12",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:25.mcepsc.asc"
},
{
"category": "external",
"summary": "The FreeBSD Project Security Advisory FreeBSD-SA-19:26.mcu vom 2019-11-12",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-19:26.mcu.asc"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4187-1 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4187-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4188-1 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4188-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4186-2 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4186-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4185-2 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4185-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4184-1 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4184-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4183-1 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4183-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4182-2 vom 2019-11-12",
"url": "https://usn.ubuntu.com/4182-2/"
},
{
"category": "external",
"summary": "Dell Securiy Advisory DSA-2019-147 vom 2019-11-12",
"url": "https://www.dell.com/support/article/de/de/debsdt1/sln319429/dsa-2019-147-dell-client-platform-security-update-for-intel-platform-updates-2019-2?lang=en"
},
{
"category": "external",
"summary": "Dell Securiy Advisory DSA-2019-166 vom 2019-11-12",
"url": "https://www.dell.com/support/article/de/de/debsdt1/sln319434/dsa-2019-166-dell-emc-server-platform-security-advisory-for-intel-platform-updates-2019-2?lang=en"
},
{
"category": "external",
"summary": "Dell Securiy Advisory DSA-2019-153 vom 2019-11-12",
"url": "https://www.dell.com/support/article/de/de/debsdt1/sln319438/dsa-2019-153-dell-emc-networking-security-advisory-for-intel-platform-updates-2019-2?lang=en"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2946-1 vom 2019-11-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2948-1 vom 2019-11-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2949-1 vom 2019-11-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2957-1 vom 2019-11-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192957-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2958-1 vom 2019-11-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192958-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2959-1 vom 2019-11-12",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192959-1/"
},
{
"category": "external",
"summary": "VMware Security Advisories VMSA-2019-0020 vom 2019-11-12",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0020.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4186-3 vom 2019-11-13",
"url": "https://usn.ubuntu.com/4186-3/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14217-1 vom 2019-11-13",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914217-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3873 vom 2019-11-13",
"url": "https://access.redhat.com/errata/RHSA-2019:3873"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3872 vom 2019-11-13",
"url": "https://access.redhat.com/errata/RHSA-2019:3872"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3877 vom 2019-11-13",
"url": "https://access.redhat.com/errata/RHSA-2019:3877"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3878 vom 2019-11-13",
"url": "https://access.redhat.com/errata/RHSA-2019:3878"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3872 vom 2019-11-14",
"url": "https://access.redhat.com/errata/RHSA-2019:3872"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4184-2 vom 2019-11-13",
"url": "https://usn.ubuntu.com/4184-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4183-2 vom 2019-11-13",
"url": "https://usn.ubuntu.com/4183-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4185-3 vom 2019-11-13",
"url": "https://usn.ubuntu.com/4185-3/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3883 vom 2019-11-14",
"url": "https://access.redhat.com/errata/RHSA-2019:3883"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-201911-14 vom 2019-11-13",
"url": "https://security.archlinux.org/ASA-201911-14"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3870 vom 2019-11-13",
"url": "https://access.redhat.com/errata/RHSA-2019:3870"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3871 vom 2019-11-13",
"url": "https://access.redhat.com/errata/RHSA-2019:3871"
},
{
"category": "external",
"summary": "Citrix Hypervisor Security Update CTX263684 vom 2019-11-12",
"url": "https://support.citrix.com/article/CTX263684"
},
{
"category": "external",
"summary": "HPE Security Bulletin HPESBHF03971 rev.1 vom 2019-11-13",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03971en_us"
},
{
"category": "external",
"summary": "HPE Security Bulletin HPESBHF03967 rev.1 vom 2019-11-13",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03967en_us"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:3872 vom 2019-11-14",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-3872-Important-CentOS-7-kernel-Security-Update-tp4645757.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K32412503 vom 2019-11-15",
"url": "https://support.f5.com/csp/article/K32412503"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:3834 vom 2019-11-14",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-3834-Important-CentOS-7-kernel-Security-Update-tp4645756.html"
},
{
"category": "external",
"summary": "HP Security Bulletin HPESBHF03963 rev.1 vom 2019-11-13",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03968en_us"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:3878 vom 2019-11-14",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-3878-Important-CentOS-6-kernel-Security-Update-tp4645758.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3887 vom 2019-11-14",
"url": "https://access.redhat.com/errata/RHSA-2019:3887"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3889 vom 2019-11-14",
"url": "https://access.redhat.com/errata/RHSA-2019:3889"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2019-237 vom 2019-11-14",
"url": "https://downloads.avaya.com/css/P8/documents/101062296"
},
{
"category": "external",
"summary": "HPE Security Bulletin HPESBHF03969 rev.1 vom 2019-11-13",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03969en_us"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2984-1 vom 2019-11-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14220-1 vom 2019-11-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914220-1.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2019-238 vom 2019-11-16",
"url": "https://downloads.avaya.com/css/P8/documents/101062297"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2988-1 vom 2019-11-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192988-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2987-1 vom 2019-11-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192987-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2986-1 vom 2019-11-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192986-1.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2019-0054 vom 2019-11-18",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-November/000967.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3908 vom 2019-11-19",
"url": "https://access.redhat.com/errata/RHSA-2019:3908"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3916 vom 2019-11-19",
"url": "https://access.redhat.com/errata/RHSA-2019:3916"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2019-242 vom 2019-11-21",
"url": "https://downloads.avaya.com/css/P8/documents/101062452"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2019-241 vom 2019-11-21",
"url": "https://downloads.avaya.com/css/P8/documents/101062451"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3936 vom 2019-11-20",
"url": "https://access.redhat.com/errata/RHSA-2019:3936"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3941 vom 2019-11-21",
"url": "https://access.redhat.com/errata/RHSA-2019:3941"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3091-1 vom 2019-11-29",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193091-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4182-4 vom 2019-12-04",
"url": "https://usn.ubuntu.com/4182-4/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4182-3 vom 2019-12-04",
"url": "https://usn.ubuntu.com/4182-3/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3200-1 vom 2019-12-07",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3289-1 vom 2019-12-13",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193289-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3294-1 vom 2019-12-14",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3295-1 vom 2019-12-14",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3317-1 vom 2019-12-18",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193317-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3316-1 vom 2019-12-18",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193316-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3340-1 vom 2019-12-20",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193340-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:3372-1 vom 2019-12-20",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193372-1.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K54164678 vom 2019-12-27",
"url": "https://support.f5.com/csp/article/K54164678?utm_source=f5support\u0026utm_medium=RSS"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0026 vom 2020-01-06",
"url": "https://access.redhat.com/errata/RHSA-2020:0026"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0028 vom 2020-01-06",
"url": "https://access.redhat.com/errata/RHSA-2020:0028"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:0093-1 vom 2020-01-14",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0204 vom 2020-01-22",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"category": "external",
"summary": "NetApp Security Advisory",
"url": "https://security.netapp.com/advisory/ntap-20191213-0001/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0279 vom 2020-01-29",
"url": "https://access.redhat.com/errata/RHSA-2020:0279"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0328 vom 2020-02-04",
"url": "https://access.redhat.com/errata/RHSA-2020:0328"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0366 vom 2020-02-04",
"url": "https://access.redhat.com/errata/RHSA-2020:0366"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0339 vom 2020-02-04",
"url": "https://access.redhat.com/errata/RHSA-2020:0339"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:0334-1 vom 2020-02-06",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200334-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0555 vom 2020-02-19",
"url": "https://access.redhat.com/errata/RHSA-2020:0555"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0666 vom 2020-03-03",
"url": "https://access.redhat.com/errata/RHSA-2020:0666"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0730 vom 2020-03-05",
"url": "https://access.redhat.com/errata/RHSA-2020:0730"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0839 vom 2020-03-17",
"url": "https://access.redhat.com/errata/RHSA-2020:0839"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0834 vom 2020-03-17",
"url": "https://access.redhat.com/errata/RHSA-2020:0834"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2020:0839 vom 2020-03-25",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2020-0839-Important-CentOS-7-kernel-Security-Update-tp4645862.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2020-026 vom 2020-04-14",
"url": "https://downloads.avaya.com/css/P8/documents/101065862"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:1465 vom 2020-04-14",
"url": "https://access.redhat.com/errata/RHSA-2020:1465"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN hpesbhf03966en_us vom 2020-05-05",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=emr_na-hpesbhf03966en_us"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN hpesbhf03961en_us vom 2020-05-05",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=emr_na-hpesbhf03961en_us"
},
{
"category": "external",
"summary": "EMC Security Advisory 538629 vom 2020-06-22",
"url": "https://www.dell.com/support/security/de-de/details/538629/TSX-Asynchronous-Abort-TAA-CVE-2019-11135-Impact-on-Dell-EMC-Data-Protection-and-Storage-Produc"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2020-0026 vom 2020-06-22",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2020-June/000986.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11026 vom 2020-07-08",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2020-0027 vom 2020-07-13",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2020-July/000990.html"
},
{
"category": "external",
"summary": "libvirt Security Notice LSN-2019-0008 vom 2020-07-27",
"url": "http://security.libvirt.org/2019/0008.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K17269881 vom 2020-08-26",
"url": "https://support.f5.com/csp/article/K17269881"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2491-1 vom 2020-09-04",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007367.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2505-1 vom 2020-09-04",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007356.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2526-1 vom 2020-09-04",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007365.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2497-1 vom 2020-09-04",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007364.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-4386 vom 2021-11-16",
"url": "https://linux.oracle.com/errata/ELSA-2021-4386.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-3822 vom 2023-07-08",
"url": "https://linux.oracle.com/errata/ELSA-2023-3822.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1301 vom 2025-02-13",
"url": "https://linux.oracle.com/errata/ELSA-2025-1301.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02853-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022200.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02923-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022237.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02969-1 vom 2025-08-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022259.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02996-1 vom 2025-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022291.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02997-1 vom 2025-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022283.html"
}
],
"source_lang": "en-US",
"title": "Intel Prozessoren: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-27T22:00:00.000+00:00",
"generator": {
"date": "2025-08-28T06:01:07.819+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-1689",
"initial_release_date": "2019-11-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2019-11-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-11-13T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Citrix, Ubuntu, SUSE, Red Hat, Arch Linux und Fedora aufgenommen"
},
{
"date": "2019-11-13T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-11-13T23:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-11-14T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von HP, CentOS, F5, Red Hat und AVAYA aufgenommen"
},
{
"date": "2019-11-17T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE und AVAYA aufgenommen"
},
{
"date": "2019-11-18T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2019-11-18T23:00:00.000+00:00",
"number": "8",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-11-19T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-11-20T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von AVAYA und Red Hat aufgenommen"
},
{
"date": "2019-11-20T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-11-21T23:00:00.000+00:00",
"number": "12",
"summary": "Referenz(en) aufgenommen: OVMSA-2019-0056"
},
{
"date": "2019-11-28T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-02T23:00:00.000+00:00",
"number": "14",
"summary": "Schreibfehler korrigiert"
},
{
"date": "2019-12-03T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-12-08T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-12T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-15T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-17T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-19T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-22T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-12-29T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2020-01-01T23:00:00.000+00:00",
"number": "23",
"summary": "Referenz(en) aufgenommen: DLA 2051"
},
{
"date": "2020-01-06T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-01-14T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-01-22T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-01-26T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2020-01-29T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-02-03T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-02-04T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-02-06T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-02-19T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-03-03T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-03-05T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-03-17T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-03-25T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2020-04-13T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2020-04-14T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-05-05T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von HPE"
},
{
"date": "2020-06-21T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von EMC aufgenommen"
},
{
"date": "2020-06-22T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2020-07-08T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2020-07-13T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2020-07-27T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von libvirt aufgenommen"
},
{
"date": "2020-08-25T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2020-09-06T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-11-16T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-07-09T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-02-12T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-18T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-24T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "53"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Media Gateway",
"product": {
"name": "Avaya Media Gateway",
"product_id": "T015276",
"product_identification_helper": {
"cpe": "cpe:/h:avaya:media_gateway:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Citrix Systems XenServer",
"product": {
"name": "Citrix Systems XenServer",
"product_id": "T004077",
"product_identification_helper": {
"cpe": "cpe:/a:citrix:xenserver:-"
}
}
}
],
"category": "vendor",
"name": "Citrix Systems"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "HP BIOS",
"product": {
"name": "HP BIOS",
"product_id": "T007117",
"product_identification_helper": {
"cpe": "cpe:/h:hp:bios:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE ProLiant",
"product": {
"name": "HPE ProLiant",
"product_id": "T009310",
"product_identification_helper": {
"cpe": "cpe:/h:hp:proliant:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "Intel AMT SDK",
"product": {
"name": "Intel AMT SDK",
"product_id": "T011597",
"product_identification_helper": {
"cpe": "cpe:/a:intel:active_management_technology_software_development_kit:-"
}
}
},
{
"category": "product_name",
"name": "Intel Prozessor",
"product": {
"name": "Intel Prozessor",
"product_id": "T011586",
"product_identification_helper": {
"cpe": "cpe:/h:intel:intel_prozessor:-"
}
}
},
{
"category": "product_name",
"name": "Intel Xeon",
"product": {
"name": "Intel Xeon",
"product_id": "T011286",
"product_identification_helper": {
"cpe": "cpe:/h:intel:xeon:-"
}
}
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c20.1R1",
"product": {
"name": "Juniper Junos Space \u003c20.1R1",
"product_id": "T016874"
}
},
{
"category": "product_version",
"name": "20.1R1",
"product": {
"name": "Juniper Junos Space 20.1R1",
"product_id": "T016874-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:20.1r1"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp Data ONTAP",
"product": {
"name": "NetApp Data ONTAP",
"product_id": "7654",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:-"
}
}
},
{
"category": "product_name",
"name": "NetApp FAS",
"product": {
"name": "NetApp FAS",
"product_id": "T011540",
"product_identification_helper": {
"cpe": "cpe:/h:netapp:fas:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"category": "product_name",
"name": "Open Source Xen",
"product": {
"name": "Open Source Xen",
"product_id": "T000611",
"product_identification_helper": {
"cpe": "cpe:/o:xen:xen:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.0",
"product": {
"name": "Open Source libvirt \u003c6.0.0",
"product_id": "712004"
}
},
{
"category": "product_version",
"name": "6.0.0",
"product": {
"name": "Open Source libvirt 6.0.0",
"product_id": "712004-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:libvirt:6.0.0"
}
}
}
],
"category": "product_name",
"name": "libvirt"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"category": "product_name",
"name": "Oracle VM",
"product": {
"name": "Oracle VM",
"product_id": "T011119",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS",
"product": {
"name": "Red Hat Enterprise Linux Server EUS",
"product_id": "T015361",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"category": "product_name",
"name": "Red Hat Enterprise MRG",
"product": {
"name": "Red Hat Enterprise MRG",
"product_id": "T003513",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat Fedora",
"product": {
"name": "Red Hat Fedora",
"product_id": "T007849",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "VMware ESXi",
"product": {
"name": "VMware ESXi",
"product_id": "T009575",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:-"
}
}
},
{
"category": "product_name",
"name": "VMware Fusion",
"product": {
"name": "VMware Fusion",
"product_id": "T009574",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:fusion:-"
}
}
},
{
"category": "product_name",
"name": "VMware Workstation",
"product": {
"name": "VMware Workstation",
"product_id": "11768",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:workstation:-"
}
}
}
],
"category": "vendor",
"name": "VMware"
},
{
"branches": [
{
"category": "product_name",
"name": "Intel System Management Software",
"product": {
"name": "Intel System Management Software",
"product_id": "T014240",
"product_identification_helper": {
"cpe": "cpe:/a:intel:system_management_software:-"
}
}
}
],
"category": "vendor",
"name": "intel"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12207",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2018-12207"
},
{
"cve": "CVE-2019-0117",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0117"
},
{
"cve": "CVE-2019-0123",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0123"
},
{
"cve": "CVE-2019-0124",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0124"
},
{
"cve": "CVE-2019-0131",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0131"
},
{
"cve": "CVE-2019-0151",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0151"
},
{
"cve": "CVE-2019-0152",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0152"
},
{
"cve": "CVE-2019-0154",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0154"
},
{
"cve": "CVE-2019-0155",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0155"
},
{
"cve": "CVE-2019-0165",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0165"
},
{
"cve": "CVE-2019-0166",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0166"
},
{
"cve": "CVE-2019-0168",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0168"
},
{
"cve": "CVE-2019-0169",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0169"
},
{
"cve": "CVE-2019-0184",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0184"
},
{
"cve": "CVE-2019-0185",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-0185"
},
{
"cve": "CVE-2019-11086",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11086"
},
{
"cve": "CVE-2019-11087",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11087"
},
{
"cve": "CVE-2019-11088",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11088"
},
{
"cve": "CVE-2019-11089",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11089"
},
{
"cve": "CVE-2019-11090",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11090"
},
{
"cve": "CVE-2019-11097",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11097"
},
{
"cve": "CVE-2019-11100",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11100"
},
{
"cve": "CVE-2019-11101",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11101"
},
{
"cve": "CVE-2019-11102",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11102"
},
{
"cve": "CVE-2019-11103",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11103"
},
{
"cve": "CVE-2019-11104",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11104"
},
{
"cve": "CVE-2019-11105",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11105"
},
{
"cve": "CVE-2019-11106",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11106"
},
{
"cve": "CVE-2019-11107",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11107"
},
{
"cve": "CVE-2019-11108",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11108"
},
{
"cve": "CVE-2019-11109",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11109"
},
{
"cve": "CVE-2019-11110",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11110"
},
{
"cve": "CVE-2019-11111",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11111"
},
{
"cve": "CVE-2019-11112",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11112"
},
{
"cve": "CVE-2019-11113",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11113"
},
{
"cve": "CVE-2019-11131",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11131"
},
{
"cve": "CVE-2019-11132",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11132"
},
{
"cve": "CVE-2019-11135",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11135"
},
{
"cve": "CVE-2019-11136",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11136"
},
{
"cve": "CVE-2019-11137",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11137"
},
{
"cve": "CVE-2019-11139",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11139"
},
{
"cve": "CVE-2019-11147",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-11147"
},
{
"cve": "CVE-2019-14574",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-14574"
},
{
"cve": "CVE-2019-14590",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-14590"
},
{
"cve": "CVE-2019-14591",
"product_status": {
"known_affected": [
"T004077",
"T006498",
"67646",
"4035",
"T007849",
"T011540",
"T011286",
"T015127",
"T011586",
"T015126",
"T016874",
"T004914",
"11768",
"T015361",
"T000611",
"T001663",
"T011119",
"T015518",
"T007117",
"7654",
"T003513",
"T013312",
"T011597",
"T015276",
"T016243",
"T014240",
"2951",
"T002207",
"T000126",
"712004",
"1727",
"T009575",
"T009310",
"T009574"
]
},
"release_date": "2019-11-12T23:00:00.000+00:00",
"title": "CVE-2019-14591"
}
]
}
CNVD-2019-42603
Vulnerability from cnvd - Published: 2019-11-28
VLAI Severity ?
Title
Intel Converged Security and Management Engine权限提升漏洞
Description
Intel Converged Security and Management Engine(CSME)是美国英特尔(Intel)公司的一款安全管理引擎。
Intel CSME 12.0.45之前版本、13.0.10之前版本和14.0.10之前版本中的固件更新软件存在安全漏洞,该漏洞源于不充分的输入验证。本地攻击者可利用该漏洞提升权限。
Severity
高
Patch Name
Intel Converged Security and Management Engine权限提升漏洞的补丁
Patch Description
Intel Converged Security and Management Engine(CSME)是美国英特尔(Intel)公司的一款安全管理引擎。
Intel CSME 12.0.45之前版本、13.0.10之前版本和14.0.10之前版本中的固件更新软件存在安全漏洞,该漏洞源于不充分的输入验证。本地攻击者可利用该漏洞提升权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
Reference
https://support.lenovo.com/us/en/product_security/LEN-27716
Impacted products
| Name | ['Intel Converged Security and Management Engine(CSME) <12.0.45', 'Intel Converged Security and Management Engine(CSME) <13.0.10', 'Intel Converged Security and Management Engine(CSME) <14.0.10'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-11103"
}
},
"description": "Intel Converged Security and Management Engine\uff08CSME\uff09\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5b89\u5168\u7ba1\u7406\u5f15\u64ce\u3002\n\nIntel CSME 12.0.45\u4e4b\u524d\u7248\u672c\u300113.0.10\u4e4b\u524d\u7248\u672c\u548c14.0.10\u4e4b\u524d\u7248\u672c\u4e2d\u7684\u56fa\u4ef6\u66f4\u65b0\u8f6f\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4e0d\u5145\u5206\u7684\u8f93\u5165\u9a8c\u8bc1\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-42603",
"openTime": "2019-11-28",
"patchDescription": "Intel Converged Security and Management Engine\uff08CSME\uff09\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5b89\u5168\u7ba1\u7406\u5f15\u64ce\u3002\r\n\r\nIntel CSME 12.0.45\u4e4b\u524d\u7248\u672c\u300113.0.10\u4e4b\u524d\u7248\u672c\u548c14.0.10\u4e4b\u524d\u7248\u672c\u4e2d\u7684\u56fa\u4ef6\u66f4\u65b0\u8f6f\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4e0d\u5145\u5206\u7684\u8f93\u5165\u9a8c\u8bc1\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Intel Converged Security and Management Engine\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Intel Converged Security and Management Engine\uff08CSME\uff09 \u003c12.0.45",
"Intel Converged Security and Management Engine\uff08CSME\uff09 \u003c13.0.10",
"Intel Converged Security and Management Engine\uff08CSME\uff09 \u003c14.0.10"
]
},
"referenceLink": "https://support.lenovo.com/us/en/product_security/LEN-27716",
"serverity": "\u9ad8",
"submitTime": "2019-11-14",
"title": "Intel Converged Security and Management Engine\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…