Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-12171

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.

Published

2018-09-12T19:29:01.980

Last Modified

2024-11-21T03:44:41.537

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System intel bmc_firmware < 1.43.91f76955 Yes
Hardware intel bbs2600bpb - No
Hardware intel bbs2600bpq - No
Hardware intel bbs2600bps - No
Hardware intel bbs2600stb - No
Hardware intel bbs2600stq - No
Hardware intel hns2600bpb - No
Hardware intel hns2600bpb24 - No
Hardware intel hns2600bpblc - No
Hardware intel hns2600bpblc24 - No
Hardware intel hns2600bpq - No
Hardware intel hns2600bpq24 - No
Hardware intel hns2600bps - No
Hardware intel hns2600bps24 - No
Hardware intel r1208wftys - No
Hardware intel r1304wf0ys - No
Hardware intel r1304wftys - No
Hardware intel r2208wf0zs - No
Hardware intel r2208wfqzs - No
Hardware intel r2208wftzs - No
Hardware intel r2224wfqzs - No
Hardware intel r2224wftzs - No
Hardware intel r2308wftzs - No
Hardware intel r2312wf0np - No
Hardware intel r2312wfqzs - No
Hardware intel r2312wftzs - No
Hardware intel s2600stb - No
Hardware intel s2600stq - No
Hardware intel s2600wfo - No
Hardware intel s2600wfq - No
Hardware intel s2600wft - No
References