Lucene search

[email protected]NVD:CVE-2018-3682

HistoryJul 10, 2018 - 9:29 p.m.

CVE-2018-3682

2018-07-1021:29:01

CWE-269

[email protected]

web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

Affected configurations

NVD

Node

intelbmc_firmwareMatch-

AND

intelbbs2600bpbMatch-

intelbbs2600bpqMatch-

intelbbs2600bpsMatch-

intelbbs2600stbMatch-

intelbbs2600stqMatch-

intelbbs7200apMatch-

intelbbs7200aplMatch-

inteldbs2600cw2rMatch-

inteldbs2600cw2srMatch-

inteldbs2600cwtrMatch-

inteldbs2600cwtsrMatch-

intelhns2600bpbMatch-

intelhns2600bpb24Match-

intelhns2600bpblcMatch-

intelhns2600bpblc24Match-

intelhns2600bpqMatch-

intelhns2600bpq24Match-

intelhns2600bpsMatch-

intelhns2600bps24Match-

intelhns2600kpfrMatch-

intelhns2600kprMatch-

intelhns2600tp24rMatch-

intelhns2600tp24srMatch-

intelhns2600tp24strMatch-

intelhns2600tpfrMatch-

intelhns2600tpnrMatch-

intelhns2600tprMatch-

intelhns7200apMatch-

intelhns7200aplMatch-

intelhns7200aprMatch-

intelhns7200aprlMatch-

intelr1208wftysMatch-

intelr1208wt2gsrMatch-

intelr1208wttgsrMatch-

intelr1304wf0ysMatch-

intelr1304wftysMatch-

intelr1304wt2gsrMatch-

intelr1304wttgsrMatch-

intelr2208wf0zsMatch-

intelr2208wfqzsMatch-

intelr2208wftzsMatch-

intelr2208wt2ysrMatch-

intelr2208wttyc1rMatch-

intelr2208wttysrMatch-

intelr2224wfqzsMatch-

intelr2224wftzsMatch-

intelr2224wttysrMatch-

intelr2308wftzsMatch-

intelr2308wttysrMatch-

intelr2312wf0npMatch-

intelr2312wfqzsMatch-

intelr2312wftzsMatch-

intelr2312wttysrMatch-

intels2600kpfrMatch-

intels2600kprMatch-

intels2600kptrMatch-

intels2600stbMatch-

intels2600stqMatch-

intels2600tpfrMatch-

intels2600tpnrMatch-

intels2600tprMatch-

intels2600tptrMatch-

intels2600wfoMatch-

intels2600wfqMatch-

intels2600wftMatch-

intels2600wt2rMatch-

intels2600wttrMatch-

intels2600wtts1rMatch-

intels7200aprMatch-

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00130.html

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for NVD:CVE-2018-3682

prion1 cvelist1 cve1 f51