Insufficient Input Validation in Intel Baseboard Management Controller Firmware
CVE-2019-11180

7.5HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Bmc
Vendor: CVE Published:; 14 November 2019

What is CVE-2019-11180?

The vulnerability arises from insufficient input validation within the firmware of Intel's Baseboard Management Controller, which can be exploited by an unauthenticated user. This potentially allows the user to execute a denial of service condition through network access, compromising system availability and performance.

Affected Version(s)

Intel(R) BMC See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2019
Vulnerability Reserved
Apr 11, 2019