Infor AMT/ISM up to 11.8.76/11.12.76/11.22.76/12.0.63/14.0.32 Subsystem out-of-bounds read

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as problematic has been found in Infor AMT and ISM up to 11.8.76/11.12.76/11.22.76/12.0.63/14.0.32. This affects some unknown processing of the component Subsystem. Upgrading to version 11.8.77, 11.12.77, 11.22.77, 12.0.64 or 14.0.33 eliminates this vulnerability.

Field06/16/2020 12:24 PM06/16/2020 12:29 PM10/24/2020 06:55 PM
nameUpgradeUpgradeUpgrade
upgrade_version11.8.77/11.12.77/11.22.77/12.0.64/14.0.3311.8.77/11.12.77/11.22.77/12.0.64/14.0.3311.8.77/11.12.77/11.22.77/12.0.64/14.0.33
cveCVE-2020-8674CVE-2020-8674CVE-2020-8674
seealso156707 156708 156709 156710 156711 156712 156713 156714 156715 156716 156717 156718 156720 156721 156722 156723 156724 156725 156726156707 156708 156709 156710 156711 156712 156713 156714 156715 156716 156717 156718 156720 156721 156722 156723 156724 156725 156726156707 156708 156709 156710 156711 156712 156713 156714 156715 156716 156717 156718 156720 156721 156722 156723 156724 156725 156726
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcXXX
cvss3_nvd_basescore5.35.35.3
vendorInforInforInfor
nameAMT/ISMAMT/ISMAMT/ISM
version<=11.8.76/11.12.76/11.22.76/12.0.63/14.0.32<=11.8.76/11.12.76/11.22.76/12.0.63/14.0.32<=11.8.76/11.12.76/11.22.76/12.0.63/14.0.32
componentSubsystemSubsystemSubsystem
risk111
cvss2_vuldb_basescore4.34.34.3
cvss2_vuldb_tempscore3.73.73.7
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss3_meta_basescore5.35.35.3
cvss3_meta_tempscore5.15.15.1
cvss3_vuldb_basescore5.35.35.3
cvss3_vuldb_tempscore5.15.15.1
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
date1592179200 (06/15/2020)1592179200 (06/15/2020)1592179200 (06/15/2020)
urlhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.htmlhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.htmlhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned15809472001580947200
cve_nvd_summaryOut-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access.Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access.
cwe0125 (information disclosure)125 (information disclosure)
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiNN
cvss2_nvd_aiNN
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prNN
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cLL
cvss3_nvd_iNN
cvss3_nvd_aNN
confirm_urlhttps://security.netapp.com/advisory/ntap-20200611-0007/

Want to stay up to date on a daily basis?

Enable the mail alert feature now!