Vulnerabilities > Intel > Baseboard Management Controller Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11175 Improper Input Validation vulnerability in Intel Baseboard Management Controller Firmware
Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.
network
low complexity
intel CWE-20
5.0
5.0
2019-11-14 CVE-2019-11174 Unspecified vulnerability in Intel Baseboard Management Controller Firmware
Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel
5.0
5.0
2019-11-14 CVE-2019-11173 Session Fixation vulnerability in Intel Baseboard Management Controller Firmware
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access.
local
low complexity
intel CWE-384
3.6
3.6
2019-11-14 CVE-2019-11172 Out-of-bounds Read vulnerability in Intel Baseboard Management Controller Firmware
Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-125
5.0
5.0
2019-11-14 CVE-2019-11171 Out-of-bounds Write vulnerability in Intel Baseboard Management Controller Firmware
Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access.
network
low complexity
intel CWE-787
7.5
7.5
2019-11-14 CVE-2019-11170 Improper Authentication vulnerability in Intel Baseboard Management Controller Firmware
Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access.
local
low complexity
intel CWE-287
7.2
7.2
2019-11-14 CVE-2019-11168 Unspecified vulnerability in Intel Baseboard Management Controller Firmware 2.09
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
network
low complexity
intel
critical
 9.1
9.1