Improper Authentication Vulnerability in Intel Server Boards and Systems
CVE-2020-8709

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Server Boards, Server Systems And Compute Modules Advisory
Vendor: CVE Published:; 13 August 2020

Summary

An improper authentication vulnerability exists in the socket services of certain Intel Server Boards, Server Systems, and Compute Modules prior to version 2.45. This flaw could potentially allow an unauthenticated user with adjacent access to execute unauthorized commands, thereby risking privilege escalation. System administrators are advised to upgrade their products to the latest versions to mitigate this risk. For more details, refer to Intel's advisory at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00384.html and NetApp's advisory at https://security.netapp.com/advisory/ntap-20200814-0002/

Affected Version(s)

Intel(R) Server Boards, Server Systems and Compute Modules Advisory Before version 2.45

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200814-0002/

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2020
Vulnerability Reserved
Feb 6, 2020