CVE-2018-3616

5.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Active Management Technology
Vendor: CVE Published:; 12 September 2018

Summary

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.

Affected Version(s)

Intel(R) Active Management Technology Versions before 12.0.5.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-37731...

x_refsource_CONFIRM

https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05

x_refsource_MISC

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2018
Vulnerability Reserved
Dec 28, 2017