Insufficient Session Validation in Intel Baseboard Management Controller Firmware
CVE-2019-11173

7.1HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
14 November 2019

Summary

The vulnerability involves insufficient session validation in the Intel Baseboard Management Controller firmware. This flaw may allow an unauthenticated user to access sensitive information or disrupt service availability through local access. Organizations using affected versions should apply necessary security updates to mitigate potential risks.

Affected Version(s)

Intel(R) BMC See provided reference

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.