Lucene search

[email protected]CVE-2020-8721

HistoryAug 13, 2020 - 3:15 a.m.

CVE-2020-8721

2020-08-1303:15:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2020-8721

intel

server boards

server systems

compute modules

privilege escalation

local access

security vulnerability

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.8%

JSON

Improper input validation for some Intel® Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

CPENameOperatorVersion
intel:server_board_s2600wt_firmwareintel server board s2600wt firmwarelt1.59
intel:server_system_r1000wt_firmwareintel server system r1000wt firmwarelt1.59
intel:server_system_r2000wt_firmwareintel server system r2000wt firmwarelt1.59
intel:server_board_s2600cwintel server board s2600cwlt1.59
intel:compute_module_hns2600kp_firmwareintel compute module hns2600kp firmwarelt1.59
intel:server_board_s2600kp_firmwareintel server board s2600kp firmwarelt1.59
intel:compute_module_hns2600tp_firmwareintel compute module hns2600tp firmwarelt1.59
intel:compute_module_s2600tp_firmwareintel compute module s2600tp firmwarelt1.59
intel:server_board_s1200sp_firmwareintel server board s1200sp firmwarelt1.59
intel:server_system_lr1304sp_firmwareintel server system lr1304sp firmwarelt1.59

CPE	Name	Operator	Version
intel:server_board_s2600wt_firmware	intel server board s2600wt firmware	lt	1.59
intel:server_system_r1000wt_firmware	intel server system r1000wt firmware	lt	1.59
intel:server_system_r2000wt_firmware	intel server system r2000wt firmware	lt	1.59
intel:server_board_s2600cw	intel server board s2600cw	lt	1.59
intel:compute_module_hns2600kp_firmware	intel compute module hns2600kp firmware	lt	1.59
intel:server_board_s2600kp_firmware	intel server board s2600kp firmware	lt	1.59
intel:compute_module_hns2600tp_firmware	intel compute module hns2600tp firmware	lt	1.59
intel:compute_module_s2600tp_firmware	intel compute module s2600tp firmware	lt	1.59
intel:server_board_s1200sp_firmware	intel server board s1200sp firmware	lt	1.59
intel:server_system_lr1304sp_firmware	intel server system lr1304sp firmware	lt	1.59

Rows per page:

1-10 of 181

References

security.netapp.com/advisory/ntap-20200814-0002/

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00384.html

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

11.8%

JSON

Related for CVE-2020-8721

prion1 intel1