Vulnerabilities > Intel > Baseboard Management Controller Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11175 Improper Input Validation vulnerability in Intel Baseboard Management Controller Firmware 2.09
Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.
network
low complexity
intel CWE-20
7.5
7.5
2019-11-14 CVE-2019-11174 Unspecified vulnerability in Intel Baseboard Management Controller Firmware 2.09
Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel
5.3
5.3
2019-11-14 CVE-2019-11173 Unspecified vulnerability in Intel Baseboard Management Controller Firmware 2.09
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access.
local
low complexity
intel
7.1
7.1
2019-11-14 CVE-2019-11172 Out-of-bounds Read vulnerability in Intel Baseboard Management Controller Firmware 2.09
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-125
5.3
5.3
2019-11-14 CVE-2019-11171 Out-of-bounds Write vulnerability in Intel Baseboard Management Controller Firmware 2.09
Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access.
network
low complexity
intel CWE-787
critical
 9.8
9.8
2019-11-14 CVE-2019-11170 Improper Authentication vulnerability in Intel Baseboard Management Controller Firmware 2.09
Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access.
local
low complexity
intel CWE-287
7.8
7.8
2019-11-14 CVE-2019-11168 Unspecified vulnerability in Intel Baseboard Management Controller Firmware 2.09
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
network
low complexity
intel
critical
 9.1
9.1