Lucene search

IntelCVE-2023-35191

HistoryMar 14, 2024 - 5:15 p.m.

CVE-2023-35191

2024-03-1417:15:51

CWE-400

intel

web.nvd.nist.gov

cve-2023-35191

intel

sps

firmware

uncontrolled resource consumption

denial of service

nvd

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

EPSS

Percentile

9.0%

JSON

Uncontrolled resource consumption for some Intel® SPS firmware versions may allow a privileged user to potentially enable denial of service via network access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) SPS firmware versions",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security.netapp.com/advisory/ntap-20240405-0005/

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-35191