mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
68 lines
2.4 KiB
JSON
68 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secure@intel.com",
|
|
"DATE_PUBLIC": "2018-10-09T00:00:00",
|
|
"ID": "CVE-2018-12173",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Intel Server Boards Firmware",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "before 00.01.0014"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Intel Corporation"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00179.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00179.html"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "http://support.lenovo.com/us/en/solutions/LEN-24799",
|
|
"url": "http://support.lenovo.com/us/en/solutions/LEN-24799"
|
|
}
|
|
]
|
|
}
|
|
} |