Lucene search

[email protected]CVE-2022-29466

HistoryNov 11, 2022 - 4:15 p.m.

CVE-2022-29466

2022-11-1116:15:14

CWE-20

[email protected]

web.nvd.nist.gov

cve-2022-29466

intel sps

firmware

input validation

denial of service

nvd

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Improper input validation in firmware for Intel® SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.

Affected configurations

NVD

Node

intelserver_platform_services_firmwareRange<sps_e3_04.01.04.700.0

CPENameOperatorVersion
intel:server_platform_services_firmwareintel server platform services firmwareltsps_e3_04.01.04.700.0

CPE	Name	Operator	Version
intel:server_platform_services_firmware	intel server platform services firmware	lt	sps_e3_04.01.04.700.0

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) SPS",
    "versions": [
      {
        "version": "before version SPS_E3_04.01.04.700.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html

Social References

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2022-29466

cvelist1 nvd1 prion1 intel1