PT-2019-1629 · Intel · Intel Server Platform Services

Publicado

2019-03-12

Atualizado

2019-04-04

CVE-2018-12198

CVSS v3.1

6.0

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Intel Server Platform Services versions prior to SPS E5 04.00.04.393.0

Description The issue is related to insufficient input validation in the HECI subsystem of Intel Server Platform Services, which may allow a privileged user to cause a denial of service via local access. This could potentially be exploited by an attacker to disrupt service.

Recommendations For versions prior to SPS E5 04.00.04.393.0, update to version SPS E5 04.00.04.393.0 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2019-01176

CVE-2018-12198

Produtos afetados

Intel Server Platform Services

PT-2019-1629 · Intel · Intel Server Platform Services

CVE-2018-12198

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7