CVE-2019-11182

Опубликовано: 14 нояб. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Ссылки

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html
Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:*

Версия до 2.18 (исключая)

Одно из

cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600bpbr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600bpqr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600bpsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600stbr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:bbs2600stqr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpb24rx:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpblcr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpbrx:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpchns2600bpbr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpchns2600bpqr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpchns2600bpsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr1208wfqysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr1208wftysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr1304wf0ysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr1304wftysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2208wf0zsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2208wfqzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2208wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2208wftzsrx:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2224wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2308wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2312wf0npr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:hpcr2312wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2208wftzsrx:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600stbr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600stqr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wf0r:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wfqr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wftr:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9232wk1hlc:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9232wk2hac:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9232wk2hlc:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9248wk1hlc:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9248wk2hac:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9248wk2hlc:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:s9256wk1hlc:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00626

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-q6vg-mgv4-jrch

github

больше 3 лет назад

Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

BDU:2019-04524

CVSS3: 8.1

fstec

около 6 лет назад

Уязвимость микропрограммного обеспечения контроллера удаленного управления Intel Baseboard Management Controller (BMC), связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании