Lucene search
HistoryJan 11, 2023 - 8:15 a.m.
CVE-2023-20522
cve-2023-20522
insufficient input validation
asp
attacker
malicious bios
denial of service
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.9%
Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service.
Affected configurations
Node
amdmilanpi_firmwareRange<1.0.0.5
amdmilanpiMatch-
Node
amdromepi_firmwareRange<100d
amdromepiMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| amd:milanpi_firmware | amd milanpi firmware | lt | 1.0.0.5 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "2nd Gen EPYC",
"vendor": " AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "3rd Gen EPYC",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
}
]Related
nvd
nvd
CVE-2023-20522
2023-01-11 08:15:13
prion
prion
Input validation
2023-01-11 08:15:00
cvelist
cvelist
CVE-2023-20522
2023-01-10 20:56:58
amd
amd
AMD Server Vulnerabilities – January 2023
2023-01-10 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.9%
Related for CVE-2023-20522