Intel CSME up to 11.8.75/11.12.76/11.22.76 Hash unknown vulnerability

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Intel CSME up to 11.8.75/11.12.76/11.22.76. Affected by this vulnerability is an unknown function. Upgrading to version 11.8.76, 11.12.77 or 11.22.77 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1055379410/24/2020VulD...confirm_urlhttps://security.netapp.com/advisory/ntap-20200611-0006/cve.mitre.org10/24/2020accepted70
1017083906/16/2020VulD...cve_nvd_summaryReversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.mitre.org06/16/2020accepted100
1017083806/16/2020VulD...cve_assigned1572220800mitre.org06/16/2020accepted100
1017083006/16/2020VulD...cvss3_nvd_aHnist.gov06/16/2020accepted100
1017082906/16/2020VulD...cvss3_nvd_iHnist.gov06/16/2020accepted100
1017082806/16/2020VulD...cvss3_nvd_cHnist.gov06/16/2020accepted100
1017082706/16/2020VulD...cvss3_nvd_sUnist.gov06/16/2020accepted100
1017082606/16/2020VulD...cvss3_nvd_uiNnist.gov06/16/2020accepted100
1017082506/16/2020VulD...cvss3_nvd_prHnist.gov06/16/2020accepted100
1017082406/16/2020VulD...cvss3_nvd_acLnist.gov06/16/2020accepted100
1017082306/16/2020VulD...cvss3_nvd_avLnist.gov06/16/2020accepted100
1017081006/16/2020VulD...cvss2_nvd_aiPnist.gov06/16/2020accepted100
1017080906/16/2020VulD...cvss2_nvd_iiPnist.gov06/16/2020accepted100
1017080806/16/2020VulD...cvss2_nvd_ciPnist.gov06/16/2020accepted100
1017080706/16/2020VulD...cvss2_nvd_auNnist.gov06/16/2020accepted100
1017080606/16/2020VulD...cvss2_nvd_acLnist.gov06/16/2020accepted100
1017080506/16/2020VulD...cvss2_nvd_avLnist.gov06/16/2020accepted100
1017079406/16/2020VulD...cwe916 (weak encryption)06/16/2020accepted100
1017084806/16/2020VulD...cvss3_nvd_basescore6.7nist.gov06/16/2020accepted90
1017084706/16/2020VulD...cvss3_vuldb_rcX06/16/2020accepted90

Do you want to use VulDB in your project?

Use the official API to access entries easily!