CVE-2019-0139 - OpenCVE

Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure via local access.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Intel	Ethernet Controller X710-bm2 Ethernet Controller Xxv710-am1 Firmware Ethernet Controller X710-at2 Firmware Ethernet Controller X710-tm4 Ethernet Controller Xxv710-am2 Firmware Ethernet Controller Xxv710-am1 Ethernet Controller X710-tm4 Firmware Ethernet 700 Series Software Ethernet Controller X710-at2 Ethernet Controller 710-bm1 Firmware Ethernet Controller 710-bm1 Ethernet Controller X710-bm2 Firmware Ethernet Controller Xxv710-am2

Configuration 1 [-]

AND

cpe:2.3:o:intel:ethernet_controller_x710-tm4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_x710-tm4:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:intel:ethernet_controller_x710-at2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_x710-at2:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:intel:ethernet_controller_xxv710-am2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_xxv710-am2:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:intel:ethernet_controller_xxv710-am1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_xxv710-am1:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:intel:ethernet_controller_x710-bm2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_x710-bm2:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:intel:ethernet_controller_710-bm1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_710-bm1:-:*:*:*:*:*:*:*

Configuration 7 [-]

cpe:2.3:a:intel:ethernet_700_series_software:*:*:*:*:*:*:*:*

References

Link	Resource
https://support.f5.com/csp/article/K08441753?utm_source=f5support&amp%3Butm_medium=RSS
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html	Patch Vendor Advisory