fkie_cve-2019-11170
Vulnerability from fkie_nvd
Published
2019-11-14 17:15
Modified
2024-11-21 04:20
Severity ?
Summary
Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22885F1F-00C7-423B-8B11-A9DB70EE6677",
"versionEndExcluding": "2.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B49A0E57-126A-4C60-A748-5D357E7B4670",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600bpbr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE87A7F1-AEE2-47AF-A69F-B85C0DC4D4F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34BB3CD5-DF01-40A8-9906-5C5B306C1B85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600bpqr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "263AF100-E101-4FEC-8CB3-8FFDB22B5E27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B3CC4D7-1756-44DB-814D-57106E6826C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600bpsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDD9533-1592-465E-B2B3-DB6077782D10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7819ABC6-800C-4141-A31F-14CBE788EF62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600stbr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC60590-8707-4B7D-A1D8-188D53F38016",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "106C758A-F23A-48B3-8360-A10212AF50E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:bbs2600stqr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F0759F-4583-43CF-AE0B-584A4DDAC633",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F002684-C456-40F0-AA2A-97C79AE5EECA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4E1CD8-2A13-4BC9-87D9-24E9E0897500",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpb24rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF16FE0-6AA8-4F23-BCFC-43AD3DB3CA35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "796E437A-B972-4D30-B0A4-53366693C7DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC284-540E-492A-A0E6-A193DEAD3102",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC9E77D-DDB7-41AB-8728-9782336C167B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpblcr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19AAEC7C-3538-4041-A644-515B142F6E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE6E2091-967D-4BA1-B190-9A2D13FE4AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpbrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EA0A02-732D-46DC-88B3-8B3D29FDC69B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24786B0E-36AC-4DBD-8778-DC836CF81CB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0431FDBE-4A58-40B1-B635-225E5B9EDBBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7138CA16-5DDA-4CAB-AF4F-6B4127C1055F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EADDC0-0AAE-4445-9764-1C54E3898FFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B1290-FAD0-4869-A1FA-A4D12BB602CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86739A74-AE8B-4699-8C1B-AC5D30C4FA50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD891C11-B432-4B87-96BE-7C8BFA76E801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpchns2600bpbr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FABE36A4-3F68-4077-A619-743AB1FB92AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpchns2600bpqr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E521A2A-B231-4D00-AA1A-92B228B99E4A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpchns2600bpsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1A7612-E617-43DE-826E-DDD7F968CDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr1208wfqysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75737EC4-8161-4F09-AD90-7C7E25ACBCBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr1208wftysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83471545-E7E5-44E7-9967-2F2D808AA866",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr1304wf0ysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "857AF7AC-6368-4632-8DDB-9A5A18CB2E7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr1304wftysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF75DFA-62D9-4CFE-A503-F07A56573CEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2208wf0zsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0063DE-78A8-49CC-AE3D-8B23F514AEF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2208wfqzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F954A5AA-AD4D-4754-8087-DF6ED312DCBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2208wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50201278-AD47-468E-BA70-900399F2F758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2208wftzsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E99780-55F9-4CC5-ACEB-4A8C7DCB7262",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2224wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5909FF-C3FE-4453-9BEA-CB2C1AF67765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2308wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B062F88-6088-42AF-9B47-ACDEB88A4390",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2312wf0npr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6884DD-0C0F-453B-A826-6360C95BD10F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:hpcr2312wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB2F397-841E-4CCA-A2C5-D53FB9875FE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85763067-E9E5-4418-A51F-FF3DD3710F9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD69C7-9E7C-4569-9971-A06F77028BB7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506908A-8081-4ADA-A986-E02415956AB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DEF6206-E94C-4C16-8D91-AD776D62F79F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E6AFA4-49E7-4191-9EA2-7E2EE269067B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A47AC30-315C-4E4B-BBBB-305FA5131281",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48054F35-53C1-4480-86E2-CB8260DD84B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8029A5F9-E999-4BA9-AA77-14A73B83454E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B83196F-06BD-41D6-A6B8-C7ABD25CA238",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07C54A6D-7193-4AC3-A1E5-3CE16DF54FCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E49457-D38D-4145-81F2-7FA4D463CD24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB1E675-B059-4F28-8EBA-9FA5EF6E4044",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2208wftzsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17B4BCA5-E552-4CAA-B2A7-0A311D7A6D49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13C6540A-C5E4-46E5-BB7C-E4C53904AE68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D952C1D5-581F-4ADC-8DB5-3682DC8588CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6DFA67-F1EE-4DBB-8E7B-CCDF097DC8BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3183B56-D5BB-4010-B2EE-3427D796D2A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98B6DF59-DF1E-4D9C-B574-37DC398B16AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "931E4D81-FAF0-4BFF-92E0-D5F653C5E845",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6982CB5F-4448-48D4-BD3A-782874AB2304",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B14E3D1D-B614-458D-8F78-E25CC89B311E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81818501-4F4A-4CED-895D-84D6DC139811",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600stbr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9657DC-AA1C-4B47-9286-3D7D73F9A714",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDFAF1C-E386-4F35-8A81-492713F10A92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600stqr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "495BFD25-08D3-4DDE-A640-5E7D85AB0560",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8B99E9-63EF-45FA-AD23-1CEBDB3DD41E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600wf0r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C74211C3-3F9D-41E8-AB5B-16205AD90B64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F105271A-9DC1-42CE-9D19-E4A55BE1F04E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600wfqr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC998F55-2B5C-418D-9B17-23A05C75F454",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s2600wftr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51C622C8-95E1-4A7F-B3E1-4199310CF4E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9232wk1hlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D96863-E459-4C0E-B0C8-5207FC3E7962",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9232wk2hac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86F92047-1D58-47E6-89AC-D4434230DB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9232wk2hlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F422B74A-AF81-4D17-AFEC-E228C5B2023E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9248wk1hlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A107D2-6521-4C91-A35D-6E92A5A15A47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9248wk2hac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DDFA5-349D-4451-95B1-35ACD8F1D354",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9248wk2hlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D98E4-73ED-45D7-A224-E734283585EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:s9256wk1hlc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "605AD870-F4F5-4159-89BE-9B29D58C04C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access."
},
{
"lang": "es",
"value": "Una omisi\u00f3n de autenticaci\u00f3n en el firmware de Intel\u00ae Baseboard Management Controller, puede habilitar a un usuario no autenticado para permitir potencialmente una divulgaci\u00f3n de informaci\u00f3n, una escalada de privilegios y/o una denegaci\u00f3n de servicio por medio de un acceso local."
}
],
"id": "CVE-2019-11170",
"lastModified": "2024-11-21T04:20:39.533",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-14T17:15:13.757",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.