Insufficient Input Validation in Intel Baseboard Management Controller Firmware
CVE-2019-11175

7.5HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Bmc
Vendor: CVE Published:; 14 November 2019

Summary

An insufficient input validation issue in the firmware of Intel Baseboard Management Controller (BMC) can be exploited by an unauthenticated user. This vulnerability may lead to denial of service through network access, compromising the availability and functionality of BMC management features, thereby affecting the overall security of systems utilizing the affected firmware.

Affected Version(s)

Intel(R) BMC See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2019
Vulnerability Reserved
Apr 11, 2019