CVE-2018-12173 Vulnerability Details

  /     /     /  

CVE-2018-12173 Metadata Quick Info

CVE Published: 10/10/2018 | CVE Updated: 16/09/2024 | CVE Year: 2018
Source: intel | Vendor: Intel Corporation | Product: Intel Server Boards Firmware
Status : PUBLISHED

---

CVE-2018-12173 Description

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Escalation of Privilege, Denial of Service, Information Disclosure
Source: Intel Corporation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).