Lucene search
HistoryAug 13, 2020 - 3:15 a.m.
CVE-2020-8711
security
intel
access control
cve-2020-8711
privilege escalation
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.7%
Improper access control in the bootloader for some Intelยฎ Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelserver_board_s2600wt_firmwareRange<2.45
intelserver_board_s2600wt2Match-
ORintelserver_board_s2600wt2rMatch-
ORintelserver_board_s2600wttMatch-
ORintelserver_board_s2600wttrMatch-
Node
intelserver_system_r1000wt_firmwareRange<2.45
intelserver_system_r1208wt2gsMatch-
ORintelserver_system_r1208wt2gsrMatch-
ORintelserver_system_r1208wttgsMatch-
ORintelserver_system_r1208wttgsbppMatch-
ORintelserver_system_r1208wttgsrMatch-
ORintelserver_system_r1304wt2gsMatch-
ORintelserver_system_r1304wt2gsrMatch-
ORintelserver_system_r1304wttgsMatch-
ORintelserver_system_r1304wttgsrMatch-
Node
intelserver_system_r2000wt_firmwareRange<2.45
intelserver_system_r2208wt2ysMatch-
ORintelserver_system_r2208wt2ysrMatch-
ORintelserver_system_r2208wttyc1Match-
ORintelserver_system_r2208wttyc1rMatch-
ORintelserver_system_r2208wttysMatch-
ORintelserver_system_r2208wttysrMatch-
ORintelserver_system_r2224wttysMatch-
ORintelserver_system_r2224wttysrMatch-
ORintelserver_system_r2308wttysMatch-
ORintelserver_system_r2308wttysrMatch-
ORintelserver_system_r2312wttysMatch-
ORintelserver_system_r2312wttysrMatch-
Node
intelserver_board_s2600cwRange<2.45
intelserver_board_s2600cw2Match-
ORintelserver_board_s2600cw2rMatch-
ORintelserver_board_s2600cw2sMatch-
ORintelserver_board_s2600cw2srMatch-
ORintelserver_board_s2600cwtMatch-
ORintelserver_board_s2600cwtrMatch-
ORintelserver_board_s2600cwtsMatch-
ORintelserver_board_s2600cwtsrMatch-
Node
intelcompute_module_hns2600kp_firmwareRange<2.45
intelcompute_module_hns2600kpMatch-
ORintelcompute_module_hns2600kpfMatch-
ORintelcompute_module_hns2600kpfrMatch-
ORintelcompute_module_hns2600kprMatch-
Node
intelserver_board_s2600kp_firmwareRange<2.45
intelserver_board_s2600kpMatch-
ORintelserver_board_s2600kpfMatch-
ORintelserver_board_s2600kpfrMatch-
ORintelserver_board_s2600kprMatch-
ORintelserver_board_s2600kptrMatch-
Node
intelcompute_module_hns2600tp_firmwareRange<2.45
intelcompute_module_hns2600tpMatch-
ORintelcompute_module_hns2600tp24rMatch-
ORintelcompute_module_hns2600tp24srMatch-
ORintelcompute_module_hns2600tpfMatch-
ORintelcompute_module_hns2600tpfrMatch-
ORintelcompute_module_hns2600tprMatch-
Node
intelcompute_module_s2600tp_firmwareRange<2.45
intelserver_board_s2600tpMatch-
ORintelserver_board_s2600tpfMatch-
ORintelserver_board_s2600tpfrMatch-
ORintelserver_board_s2600tprMatch-
Node
intelserver_board_s1200sp_firmwareRange<2.45
intelserver_board_s1200splMatch-
ORintelserver_board_s1200splrMatch-
ORintelserver_board_s1200spoMatch-
ORintelserver_board_s1200sporMatch-
ORintelserver_board_s1200spsMatch-
ORintelserver_board_s1200spsrMatch-
Node
intelserver_system_lr1304sp_firmwareRange<2.45
intelserver_system_lr1304spcfg1Match-
ORintelserver_system_lr1304spcfg1rMatch-
ORintelserver_system_lr1304spcfsgx1Match-
Node
intelserver_system_lsvrp_firmwareRange<2.45
intelserver_system_lsvrp4304es6xx1Match-
ORintelserver_system_lsvrp4304es6xxrMatch-
Node
intelserver_system_r1000sp_firmwareRange<2.45
intelserver_system_r1208sposhorMatch-
ORintelserver_system_r1208sposhorrMatch-
ORintelserver_system_r1304sposhbnMatch-
ORintelserver_system_r1304sposhbnrMatch-
ORintelserver_system_r1304sposhorMatch-
ORintelserver_system_r1304sposhorrMatch-
Node
intelserver_board_s2600wf_firmwareRange<2.45
intelserver_board_s2600wf0Match-
ORintelserver_board_s2600wf0rMatch-
ORintelserver_board_s2600wfqMatch-
ORintelserver_board_s2600wfqrMatch-
ORintelserver_board_s2600wftMatch-
ORintelserver_board_s2600wftrMatch-
Node
intelserver_system_r1000wf_firmwareRange<2.45
intelserver_system_lnetcnt3yMatch-
ORintelserver_system_mcb2208wfaf4Match-
ORintelserver_system_mcb2208wfaf5Match-
ORintelserver_system_mcb2208wfaf6Match-
ORintelserver_system_mcb2208wfhy2Match-
ORintelserver_system_nb2208wfqnfviMatch-
ORintelserver_system_r1208wfqysrMatch-
ORintelserver_system_r1208wftysMatch-
ORintelserver_system_r1208wftysrMatch-
ORintelserver_system_r1304wf0ysMatch-
ORintelserver_system_r1304wf0ysrMatch-
ORintelserver_system_r1304wftysMatch-
ORintelserver_system_r1304wftysrMatch-
Node
intelserver_system_r2000wf_firmwareRange<2.45
intelserver_system_r2208wf0zsMatch-
ORintelserver_system_r2208wf0zsrMatch-
ORintelserver_system_r2208wfqzsMatch-
ORintelserver_system_r2208wfqzsrMatch-
ORintelserver_system_r2208wftzsMatch-
ORintelserver_system_r2208wftzsrMatch-
ORintelserver_system_r2224wfqzsMatch-
ORintelserver_system_r2224wftzsMatch-
ORintelserver_system_r2224wftzsrMatch-
ORintelserver_system_r2308wftzsMatch-
ORintelserver_system_r2308wftzsrMatch-
ORintelserver_system_r2312wf0npMatch-
ORintelserver_system_r2312wf0nprMatch-
ORintelserver_system_r2312wfqzsMatch-
ORintelserver_system_r2312wftzsMatch-
ORintelserver_system_r2312wftzsrMatch-
ORintelserver_system_vrn2208waf6Match-
ORintelserver_system_vrn2208wfaf81Match-
ORintelserver_system_vrn2208wfaf82Match-
ORintelserver_system_vrn2208wfaf83Match-
ORintelserver_system_vrn2208wfhy6Match-
Node
intelserver_board_s2600st_firmwareRange<2.45
intelserver_board_s2600stbMatch-
ORintelserver_board_s2600stbrMatch-
ORintelserver_board_s2600stqMatch-
ORintelserver_board_s2600stqrMatch-
Node
intelcompute_module_hns2600bp_firmwareRange<2.45
intelcompute_module_hns2600bpbMatch-
ORintelcompute_module_hns2600bpb24Match-
ORintelcompute_module_hns2600bpb24rMatch-
ORintelcompute_module_hns2600bpblcMatch-
ORintelcompute_module_hns2600bpblc24Match-
ORintelcompute_module_hns2600bpblc24rMatch-
ORintelcompute_module_hns2600bpblcrMatch-
ORintelcompute_module_hns2600bpbrMatch-
ORintelcompute_module_hns2600bpqMatch-
ORintelcompute_module_hns2600bpq24Match-
ORintelcompute_module_hns2600bpq24rMatch-
ORintelcompute_module_hns2600bpqrMatch-
ORintelcompute_module_hns2600bpsMatch-
ORintelcompute_module_hns2600bps24Match-
ORintelcompute_module_hns2600bps24rMatch-
ORintelcompute_module_hns2600bpsrMatch-
Node
intelserver_board_s2600bp_firmwareRange<2.45
intelserver_board_s2600bpbMatch-
ORintelserver_board_s2600bpbrMatch-
ORintelserver_board_s2600bpqMatch-
ORintelserver_board_s2600bpqrMatch-
ORintelserver_board_s2600bpsMatch-
ORintelserver_board_s2600bpsrMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| intel:server_board_s2600wt_firmware | intel server board s2600wt firmware | lt | 2.45 |
CNA Affected
[
{
"product": "Intel(R) Server Boards, Server Systems and Compute Modules Advisory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Before version 2.45"
}
]
}
]Related
nvd
nvd
CVE-2020-8711
2020-08-13 03:15:15
prion
prion
Improper access control
2020-08-13 03:15:00
cvelist
cvelist
CVE-2020-8711
2020-08-13 02:42:10
intel
intel
Intelยฎ Server Boards, Server Systems and Compute Modulesย Advisory
2020-08-11 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2020-8711