{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_board_s2600bp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "905CC95F-AD91-4E3E-AAB3-7B89AD086BE4", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_board_s2600bp:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BA2B3A6-7582-437C-A7B5-D281A4B15F15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_board_s2600wf_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BA33484-8E9F-4B53-9AA7-B33D1887F8F2", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_board_s2600wf:-:*:*:*:*:*:*:*", "matchCriteriaId": "27A7EB6D-0BFC-4867-B50D-C1EA408454FC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_board_s2600st_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9484A074-D3BC-4B14-8573-E0DE3279E73B", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_board_s2600st:-:*:*:*:*:*:*:*", "matchCriteriaId": "299A5554-98F1-412D-9E33-8FA8B483390E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_board_s2600bpr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1E49B55-1DAB-40DD-B2AF-98195BBDE601", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_board_s2600bpr:-:*:*:*:*:*:*:*", "matchCriteriaId": "F50D8078-3202-4F46-A44F-5A7A91E9B294", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_board_s2600wfr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01C63945-350B-4F4E-AD4F-799D42BC744C", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_board_s2600wfr:-:*:*:*:*:*:*:*", "matchCriteriaId": "48309FCE-2450-4E62-88E7-C3555407B088", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_board_s2600str_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F2B5CE4-46DA-435F-9580-3E6D7FDDF691", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_board_s2600str:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8A25193-F15D-4192-AE92-E93C0EDD288A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:compute_module_hns2600bp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CC64012-7A4D-44D2-AD4B-70D45FAE3028", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:compute_module_hns2600bp:-:*:*:*:*:*:*:*", "matchCriteriaId": "802277D8-D0CC-4604-A503-9E3B5CAA3BCB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:compute_module_hns2600bpr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4454BCDD-59E2-4CE1-A28A-86406C2C0090", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:compute_module_hns2600bpr:-:*:*:*:*:*:*:*", "matchCriteriaId": "862E033C-2B69-4F46-8E58-DC3FDE0854DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_system_r2000wf_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC911C85-6F09-4778-961D-C4267A60F93D", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_system_r2000wf:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0743F0A-5FFB-4A0C-8482-01921417D57D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_system_r1000wf_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "69ED2E89-62FF-4E0E-9D49-E8337CD10083", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_system_r1000wf:-:*:*:*:*:*:*:*", "matchCriteriaId": "5947C52C-C9BD-4B56-9409-A367F2C51D23", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_system_r1000wfr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE4F791D-63CC-4909-9AB2-41DE0F9E826D", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_system_r1000wfr:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2E8ECC5-0042-4E5D-8A68-4E118A324A65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_system_r2000wfr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "94477771-3A8B-498E-8300-C8C7476D7E52", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_system_r2000wfr:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F67DAC0-B63F-4681-ABAE-343A178A0FC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_system_h2000g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "45E8CDC7-BC33-401A-8D57-DEFC0B1AE143", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_system_h2000g:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1F31E91-5C88-4F33-8236-BAE1342F75CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:server_system_h2000gr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7708BD30-0487-40D2-BEC0-5509D8454EF9", "versionEndExcluding": "00.01.0014", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:server_system_h2000gr:-:*:*:*:*:*:*:*", "matchCriteriaId": "26233260-62F9-47A5-B6ED-B10813966244", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."}, {"lang": "es", "value": "Protecci\u00f3n de acceso insuficiente en el firmware en Intel Server Board, Intel Server System e Intel Compute Module en versiones del firmware anteriores a la 00.01.0014 podr\u00eda permitir que un atacante no autenticado pueda ejecutar c\u00f3digo arbitrario, lo que resulta en una divulgaci\u00f3n de informaci\u00f3n, escalado de privilegios y/o una denegaci\u00f3n de servicio (DoS) mediante acceso local."}], "id": "CVE-2018-12173", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-10T18:29:04.373", "references": [{"source": "secure@intel.com", "url": "http://support.lenovo.com/us/en/solutions/LEN-24799"}, {"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00179.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}