Intel Server Platform Services prior SPS_E3_04.01.04.109.0/SPS_E3_04.08.04.070.0 Subsystem initialization

A vulnerability was found in Intel Server Platform Services and classified as critical. Affected by this issue is some unknown processing of the component Subsystem. Upgrading to version SPS_E3_04.01.04.109.0 or SPS_E3_04.08.04.070.0 eliminates this vulnerability.

Field	06/16/2020 08:30 AM	06/16/2020 08:35 AM	10/24/2020 04:21 PM
vendor	Intel	Intel	Intel
name	Server Platform Services	Server Platform Services	Server Platform Services
component	Subsystem	Subsystem	Subsystem
risk	2	2	2
historic	0	0	0
cvss2_vuldb_basescore	4.1	4.1	4.1
cvss2_vuldb_tempscore	3.6	3.6	3.6
cvss2_vuldb_av	L	L	L
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss3_meta_basescore	6.5	6.5	6.5
cvss3_meta_tempscore	6.3	6.3	6.3
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	5.1	5.1	5.1
cvss3_vuldb_av	L	L	L
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
date	1592179200 (06/15/2020)	1592179200 (06/15/2020)	1592179200 (06/15/2020)
url	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
price_0day	$5k-$25k	$5k-$25k	$5k-$25k
name	Upgrade	Upgrade	Upgrade
upgrade_version	SPS_E3_04.01.04.109.0/SPS_E3_04.08.04.070.0	SPS_E3_04.01.04.109.0/SPS_E3_04.08.04.070.0	SPS_E3_04.01.04.109.0/SPS_E3_04.08.04.070.0
cve	CVE-2020-0586	CVE-2020-0586	CVE-2020-0586
seealso	156707 156708 156709 156710 156711 156712 156713 156714 156715 156716 156717 156718 156720 156721 156723 156724 156725 156726 156771	156707 156708 156709 156710 156711 156712 156713 156714 156715 156716 156717 156718 156720 156721 156723 156724 156725 156726 156771	156707 156708 156709 156710 156711 156712 156713 156714 156715 156716 156717 156718 156720 156721 156723 156724 156725 156726 156771
location	Website	Website	Website
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	X	X	X
cvss3_nvd_basescore	7.8	7.8	7.8
cwe	0	665	665
cvss2_nvd_av		L	L
cvss2_nvd_ac		L	L
cvss2_nvd_au		N	N
cvss2_nvd_ci		P	P
cvss2_nvd_ii		P	P
cvss2_nvd_ai		P	P
cvss3_nvd_av		L	L
cvss3_nvd_ac		L	L
cvss3_nvd_pr		L	L
cvss3_nvd_ui		N	N
cvss3_nvd_s		U	U
cvss3_nvd_c		H	H
cvss3_nvd_i		H	H
cvss3_nvd_a		H	H
cve_assigned		1572220800	1572220800
cve_nvd_summary		Improper initialization in subsystem for Intel(R) SPS versions before SPS_E3_04.01.04.109.0 and SPS_E3_04.08.04.070.0 may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.	Improper initialization in subsystem for Intel(R) SPS versions before SPS_E3_04.01.04.109.0 and SPS_E3_04.08.04.070.0 may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.
confirm_url			https://kc.mcafee.com/corporate/index?page=content&id=SB10321

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!