Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00474
HistoryJun 08, 2021 - 12:00 a.m.

Intel® Server Board M10JNP2SB Advisory

2021-06-0800:00:00
Intel Security Center
www.intel.com
6

0.001 Low

EPSS

Percentile

34.2%

JSON

Summary:

Potential security vulnerabilities in the Intel® Server Board M10JNP2SB Baseboard Management Controller (BMC) firmware may allow escalation of privilege and/or denial of service.** **Intel is releasing firmware updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2021-0101

Description: Buffer overflow in the BMC firmware for Intel® Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CVEID: CVE-2021-0070

Description: Improper input validation in the BMC firmware for Intel® Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CVEID: CVE-2021-0113

Description: Out of bounds write in the BMC firmware for Intel® Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.

CVSS Base Score: 6.1 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

CVEID: CVE-2021-0097

Description: Path traversal in the BMC firmware for Intel® Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.

CVSS Base Score: 6.1 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Affected Products:

Intel® Server Board M10JNP2SB.

Recommendations:

Intel recommends updating the impacted products to Firmware Update Package - EFI BIOS 7215, BMC 8100.01.08 or later.

Updates are available for download at this location: <https://cdrdv2.intel.com/v1/dl/getContent/633985&gt;

Acknowledgements:

These issues were found externally.****

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

nessus 1
nvd 4
cve 4
cvelist 4
prion 4
nessus
nessus
Intel Server Board M10JNP2SB Advisory (INTEL-SA-00474)
2021-06-18 00:00:00
nvd
nvd
CVE-2021-0097
2021-06-09 19:15:09
CVE-2021-0070
2021-06-09 19:15:09
CVE-2021-0113
2021-06-09 19:15:09
cve
cve
CVE-2021-0070
2021-06-09 19:15:09
CVE-2021-0113
2021-06-09 19:15:09
CVE-2021-0097
2021-06-09 19:15:09
cvelist
cvelist
CVE-2021-0113
2021-06-09 19:00:22
CVE-2021-0070
2021-06-09 19:00:16
CVE-2021-0097
2021-06-09 19:00:29
prion
prion
Input validation
2021-06-09 19:15:00
Path traversal
2021-06-09 19:15:00
Cross site scripting
2021-06-09 19:15:00

0.001 Low

EPSS

Percentile

34.2%

JSON
Related for INTEL:INTEL-SA-00474
nessus1nvd4cve4cvelist4prion4