Insufficient Input Validation in Intel Baseboard Management Controller Firmware
CVE-2019-11180

7.5HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Bmc
Vendor: CVE Published:; 14 November 2019

Summary

The vulnerability arises from insufficient input validation within the firmware of Intel's Baseboard Management Controller, which can be exploited by an unauthenticated user. This potentially allows the user to execute a denial of service condition through network access, compromising system availability and performance.

Affected Version(s)

Intel(R) BMC See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2019
Vulnerability Reserved
Apr 11, 2019