PT-2023-12972 · Intel · Openbmc
Published
2023-02-16
·
Updated
2023-08-08
·
CVE-2022-29494
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
OpenBMC versions prior to egs-0.91-179
OpenBMC versions prior to bhs-04-45
Description
The issue is related to improper input validation in the firmware for OpenBMC in some Intel platforms, which may allow an authenticated user to potentially enable denial of service via network access.
Recommendations
For versions prior to egs-0.91-179, update to version egs-0.91-179 or later.
For versions prior to bhs-04-45, update to version bhs-04-45 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openbmc