3 matches found
CVE-2022-29494
CVE-2022-29494 affects OpenBMC firmware on some Intel platforms. The issue is an improper input validation in the firmware before versions egs-0.91-179 and bhs-04-45, which may allow an authenticated user to cause a denial of service over the network. Affected products include OpenBMC on Intel pl...
CVE-2023-32280
CVE-2023-32280 affects Intel Server OpenBMC firmware prior to egs-1.05. Root cause: insufficiently protected credentials, enabling an unauthenticated user to disclose information over the network. Impact per sources: information disclosure with network access; CVSS v3.1 base score 5.3 (AV:N/AC:L/...
CVE-2023-31189
CVE-2023-31189 refers to improper authentication in Intel OpenBMC firmware for some Intel Server Product OpenBMC prior to version egs-1.09, enabling an authenticated local user to escalate privileges. The issue is rooted in authentication weaknesses within the OpenBMC firmware and is limited to l...