Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-31189

Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.

Published

2024-02-14T14:15:50.310

Last Modified

2026-01-14T18:29:39.013

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.2 (MEDIUM)

Weaknesses

Type: Secondary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	intel	openbmc	< egs-1.09	Yes
Hardware	intel	xeon_bronze_3408u	-	No
Hardware	intel	xeon_gold_5403n	-	No
Hardware	intel	xeon_gold_5411n	-	No
Hardware	intel	xeon_gold_5412u	-	No
Hardware	intel	xeon_gold_5415\+	-	No
Hardware	intel	xeon_gold_5416s	-	No
Hardware	intel	xeon_gold_5418n	-	No
Hardware	intel	xeon_gold_5418y	-	No
Hardware	intel	xeon_gold_5420\+	-	No
Hardware	intel	xeon_gold_5423n	-	No
Hardware	intel	xeon_gold_5433n	-	No
Hardware	intel	xeon_gold_6403n	-	No
Hardware	intel	xeon_gold_6414u	-	No
Hardware	intel	xeon_gold_6416h	-	No
Hardware	intel	xeon_gold_6418h	-	No
Hardware	intel	xeon_gold_6421n	-	No
Hardware	intel	xeon_gold_6423n	-	No
Hardware	intel	xeon_gold_6426y	-	No
Hardware	intel	xeon_gold_6428n	-	No
Hardware	intel	xeon_gold_6430	-	No
Hardware	intel	xeon_gold_6433n	-	No
Hardware	intel	xeon_gold_6433ne	-	No
Hardware	intel	xeon_gold_6434	-	No
Hardware	intel	xeon_gold_6434h	-	No
Hardware	intel	xeon_gold_6438m	-	No
Hardware	intel	xeon_gold_6438n	-	No
Hardware	intel	xeon_gold_6438y\+	-	No
Hardware	intel	xeon_gold_6442y	-	No
Hardware	intel	xeon_gold_6443n	-	No
Hardware	intel	xeon_gold_6444y	-	No
Hardware	intel	xeon_gold_6448h	-	No
Hardware	intel	xeon_gold_6448y	-	No
Hardware	intel	xeon_gold_6454s	-	No
Hardware	intel	xeon_gold_6458q	-	No
Hardware	intel	xeon_platinum_8444h	-	No
Hardware	intel	xeon_platinum_8450h	-	No
Hardware	intel	xeon_platinum_8452y	-	No
Hardware	intel	xeon_platinum_8454h	-	No
Hardware	intel	xeon_platinum_8458p	-	No
Hardware	intel	xeon_platinum_8460h	-	No
Hardware	intel	xeon_platinum_8460y\+	-	No
Hardware	intel	xeon_platinum_8461v	-	No
Hardware	intel	xeon_platinum_8462y\+	-	No
Hardware	intel	xeon_platinum_8468	-	No
Hardware	intel	xeon_platinum_8468h	-	No
Hardware	intel	xeon_platinum_8468v	-	No
Hardware	intel	xeon_platinum_8470	-	No
Hardware	intel	xeon_platinum_8470n	-	No
Hardware	intel	xeon_platinum_8471n	-	No
Hardware	intel	xeon_platinum_8480\+	-	No
Hardware	intel	xeon_platinum_8490h	-	No
Hardware	intel	xeon_silver_4410t	-	No
Hardware	intel	xeon_silver_4410y	-	No

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html Vendor Advisory ([email protected])
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)