CVE-2018-12171

Published Sep 12, 2018

Last updated 5 years ago

CVSS critical 9.8

Overview

Description: Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
Source: secure@intel.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B3F541B-3A23-4DD1-829D-2CF8A9698EDE",
            "versionEndExcluding": "1.43.91f76955"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B49A0E57-126A-4C60-A748-5D357E7B4670"
          },
          {
            "criteria": "cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34BB3CD5-DF01-40A8-9906-5C5B306C1B85"
          },
          {
            "criteria": "cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B3CC4D7-1756-44DB-814D-57106E6826C6"
          },
          {
            "criteria": "cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7819ABC6-800C-4141-A31F-14CBE788EF62"
          },
          {
            "criteria": "cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "106C758A-F23A-48B3-8360-A10212AF50E3"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4F08CC45-9AC9-4A00-83B9-F9D4970B0DE8"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F002684-C456-40F0-AA2A-97C79AE5EECA"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "796E437A-B972-4D30-B0A4-53366693C7DF"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0D9CC284-540E-492A-A0E6-A193DEAD3102"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24786B0E-36AC-4DBD-8778-DC836CF81CB1"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "613CDC12-2D3E-4BF3-AE2D-DCDEBEAED03D"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F9EADDC0-0AAE-4445-9764-1C54E3898FFD"
          },
          {
            "criteria": "cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E09B1290-FAD0-4869-A1FA-A4D12BB602CD"
          },
          {
            "criteria": "cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F1DD69C7-9E7C-4569-9971-A06F77028BB7"
          },
          {
            "criteria": "cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0DEF6206-E94C-4C16-8D91-AD776D62F79F"
          },
          {
            "criteria": "cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A47AC30-315C-4E4B-BBBB-305FA5131281"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EF575955-C7E1-4DD6-8AAE-5930EDFEDA93"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3B83196F-06BD-41D6-A6B8-C7ABD25CA238"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "30E49457-D38D-4145-81F2-7FA4D463CD24"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "13C6540A-C5E4-46E5-BB7C-E4C53904AE68"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D952C1D5-581F-4ADC-8DB5-3682DC8588CA"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31EF6A93-7FDE-43A7-BB5D-1DD52318F60D"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98B6DF59-DF1E-4D9C-B574-37DC398B16AB"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6982CB5F-4448-48D4-BD3A-782874AB2304"
          },
          {
            "criteria": "cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B14E3D1D-B614-458D-8F78-E25CC89B311E"
          },
          {
            "criteria": "cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A08E8AD9-CA53-4F39-820E-D4A4D2D319EB"
          },
          {
            "criteria": "cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6DDFAF1C-E386-4F35-8A81-492713F10A92"
          },
          {
            "criteria": "cpe:2.3:h:intel:s2600wfo:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4CDAD0D9-C4DD-42B5-AC7F-4C53F406B762"
          },
          {
            "criteria": "cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F105271A-9DC1-42CE-9D19-E4A55BE1F04E"
          },
          {
            "criteria": "cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D4BEA962-CEFF-429C-BB64-1C3FEA98FCE9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References