{"containers": {"cna": {"affected": [{"product": "NUC Kits", "vendor": "Intel Corporation", "versions": [{"status": "affected", "version": "BN0049 and below"}]}], "datePublic": "2017-10-06T00:00:00", "descriptions": [{"lang": "en", "value": "Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage."}], "problemTypes": [{"descriptions": [{"description": "Elevation of Privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-13T09:57:01", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr"}, {"name": "101241", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101241"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "DATE_PUBLIC": "2017-10-06T00:00:00", "ID": "CVE-2017-5700", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NUC Kits", "version": {"version_data": [{"version_value": "BN0049 and below"}]}}]}, "vendor_name": "Intel Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "references": {"reference_data": [{"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr", "refsource": "CONFIRM", "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr"}, {"name": "101241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101241"}]}}}}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2017-5700", "datePublished": "2017-10-06T00:00:00", "dateReserved": "2017-02-01T00:00:00", "dateUpdated": "2017-10-13T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "matchCriteriaId": "28E7338F-E97C-4C2A-8320-0BAEA1FB365C", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "91A1F20D-B5A6-4010-B94B-399329B426FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "2D356830-1DBB-43DE-A7E9-6A777EE39FA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "311F7D11-90D4-4702-9767-2C8540783937", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "2D6F051E-D237-4F87-B802-0DC0579E242F", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "E5F63727-A885-4D30-AF0D-7041160D807F", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "matchCriteriaId": "D44A0DD6-9FA9-4116-BB65-DC92F67412C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "matchCriteriaId": "68B87539-80FB-4204-82AF-5284B6E16190", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "matchCriteriaId": "776638A5-1CB9-4706-A8DD-8DBEEC0F0A1A", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "matchCriteriaId": "775C4FDA-94EE-47D7-8940-0FECC60DB1C8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "matchCriteriaId": "3C540E10-88AA-4EFF-99DE-4BE606A1C734", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "46AC578B-5063-47D7-887C-040B7DDAE41B", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "EDF95B5C-C4EF-4CF3-84C7-4789F79F7AB5", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "0A8293A0-3A36-41BF-AC70-CC48C5A93B8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "AFAE844D-523B-45EA-83D9-B97810245819", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "FC2C1007-EC35-4624-9EF7-325EFB9D51A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "matchCriteriaId": "AF3DCB3E-C437-428C-AAFB-C5D57DD1443E", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "matchCriteriaId": "AA87C97F-FC0B-42E2-8EBC-C39C778BD36F", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "matchCriteriaId": "36E5D240-4014-44BC-8440-C92FABCB4417", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "matchCriteriaId": "FFA85BEE-61CB-4033-B6B4-6A32AD1F2C67", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA8FFEF7-5140-44F6-91CD-B9468F20692F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "matchCriteriaId": "08C0B75D-2A2C-4437-AE72-35BFB2C6F41A", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "F074D06A-B828-49EA-B1C2-0FCF71A83E4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "BBF75171-EF1D-4ADF-9125-4C9B4EF347CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "C28D8E17-7A98-4C5E-A9AB-5B56826460DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "B39A87F9-9C0B-4CD9-82EB-C7220F02BED9", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "2316FA59-3FAB-4D68-8016-F82649AA56A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "matchCriteriaId": "A5C9EEAE-8DA8-485F-ACFE-062F8062DCFA", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "matchCriteriaId": "7F4DEB05-EC57-465F-9721-BA2D82955982", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "matchCriteriaId": "468CF14F-D5F7-47EB-BCD1-628BBEBFD648", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "matchCriteriaId": "265BB588-1CB8-4F2C-B716-58FF6A6B0EB4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBF91B19-0FA1-4CE8-B729-A09612466725", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "matchCriteriaId": "0367FBB9-1E31-4BED-8E6F-AF4275D372AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "8361A20E-EB65-4C6C-9977-6A988D7414D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "0777E301-8278-4937-9B9C-0560985A1B85", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "73FE5A99-12CA-400F-9B7A-CCC477FF5192", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "509EE9C7-C13E-4EEC-ABC1-403B15A6DED0", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "BE740CB3-7D90-4B00-B3FF-116B74EA5249", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "matchCriteriaId": "CBE67A7F-9ABB-47D9-A576-4FE7E665477E", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "matchCriteriaId": "21CBBF36-F05A-4190-9C11-6DA2B7CA503F", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "matchCriteriaId": "BE611A09-0D29-4163-8616-7A7CC12C6ADC", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "matchCriteriaId": "7143E57A-504B-414B-B22C-F1C8FB929E22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC5EC4E6-B529-48DC-9251-73633807E4A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "matchCriteriaId": "22DDB889-967C-4924-8B5C-92B2D561E55A", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "EED1ABBA-E6F0-4E1C-A327-220508EBE960", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "6915BBE5-8F58-4652-A5EC-B0153628F696", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "matchCriteriaId": "3B550844-0CFE-465C-B383-05FA21253F1E", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "C80B6A2B-A318-4A6C-9EDE-C749019E911B", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "matchCriteriaId": "11E0F74B-EEA3-4656-8CF2-318E0EA42183", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "matchCriteriaId": "0A860E39-FB9A-4288-99B0-2692995BCD1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "matchCriteriaId": "0F212139-E8B6-4CFE-856B-BCD9E2EBC1C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "matchCriteriaId": "A017F978-9BD3-4830-85EC-538F0E513F65", "vulnerable": true}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "matchCriteriaId": "AA512D48-426B-4C13-809A-719AA2B241FF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*", "matchCriteriaId": "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage."}, {"lang": "es", "value": "Insuficiente protecci\u00f3n del almacenamiento de contrase\u00f1as en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes locales omitan las contrase\u00f1as Administrator y User mediante el acceso al almacenamiento de contrase\u00f1as."}], "id": "CVE-2017-5700", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-11T00:29:00.207", "references": [{"source": "secure@intel.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101241"}, {"source": "secure@intel.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}