fkie_cve-2020-12300
Vulnerability from fkie_nvd
Published
2020-08-13 04:15
Modified
2024-11-21 04:59
Severity ?
Summary
Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | https://security.netapp.com/advisory/ntap-20200814-0001/ | Third Party Advisory | |
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200814-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cw2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B645A19B-CD96-48B8-B14B-8EC3684609B1",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cw2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F90AD5-6952-4AA3-96D5-D5560C394175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cw2s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F058A827-3D89-46D5-8E95-A4199B6447A3",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cw2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1682D8B3-28F8-4C06-A036-0F9F8E0CDC27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cwt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E89370D-F822-4DB3-855C-11860AA37C26",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cwt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D24C871-1063-4352-9346-948AB10F911B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cwts_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2C77D1-A18C-47CC-8137-E451C9FDD451",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cwts:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A449EC-3802-4BAB-87AF-F2BEA33B8FD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cw2r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BC5F6F-51DE-470D-ABDD-3CF54DA30E0B",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cw2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED55BA8C-A62E-42E2-B279-3BC11357E3A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cw2sr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BD7C37-5198-480D-ACDB-C57CE4B2F1AA",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cw2sr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EB850D-7FC6-4173-B33D-17BB32F5B100",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cwtr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5654D1D-C2EA-4CC0-9D82-6C1B4A60006F",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cwtr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E901C902-951D-4F78-814D-0AD6F1E1F40B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600cwtsr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A6BDF6-845D-4A9C-B063-A8ADEA55970E",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600cwtsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58EC2FEA-48E1-4D3B-8AEC-B5DD06BE13FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600kp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8A9DFA-573E-4588-BF5C-0B5EE4F9B9C2",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600kp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "126A6A74-1D60-431D-8AF3-C3DB197FAA1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600kpf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF8CD38-6D3B-4A3A-8B18-639F71589969",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600kpf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAE73754-548D-4DCA-A7AF-DB4482049388",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600kpr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "928E2733-056E-4D96-92C3-AFD1B99D7C95",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600kpr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "540DFDF8-E420-45E9-8E81-BAE9EAE3D1C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600kpfr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F671DE23-ACFB-46AD-A531-4E43CD548718",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600kpfr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9C9254-43DE-4DC9-A246-75C76B4C45B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600kptr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2E490B-6F53-4DE2-AAE8-45BCA7ED46BE",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600kptr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40EE02E9-BE39-425A-82CB-1BD4C5D9B899",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600tp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C35DE4C-E114-472C-AE9F-9BB67F71E456",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600tp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A586F9-AA1A-454D-869D-71BA92549050",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600tpf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7933939-27AB-4B49-8F3A-75076E7EC40B",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600tpf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638ED0C6-B07B-4367-9CEB-F83467696831",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600tpfr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5772A48-BB00-43F2-B015-1CC48E347984",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600tpfr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF6DBFD-8223-4EAC-B6B0-F721C91727A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600tpnr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6DE152-B075-4E96-9A34-455690434C2A",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600tpnr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C911A0CB-EF89-4295-9761-AAF687E2F8CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600tpr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7214B8EC-6CD4-456C-B40B-B07E8CAE3BCC",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600tpr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2DBEFE-CFBF-4424-A12B-C3A4C49E594C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600wt2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF31033B-C15D-4470-A398-98B3A2050D41",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600wt2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4709C4C-D8EE-4A2D-B794-08EAA7A811C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600wtt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56C3C1BB-9CA9-40D4-AE3B-A95FAF0D4ED3",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600wtt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD49BC58-9E3B-4385-8C12-3512808A403B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600wttr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A755033-4C91-499D-8666-C2D4429911DB",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600wttr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D97AAF4-938D-4B28-BEF1-D5F978AE3B7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600wt2r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4F98C1-738A-48BE-B52C-1597D0913A3B",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600wt2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12161640-C1D6-49A7-840C-5E3DCC0B5707",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s2600wtts1r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D58A5836-CE4C-45B6-93F5-0E395451B2FE",
"versionEndExcluding": "01.01.0029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s2600wtts1r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1993088-729D-477E-9210-E49432177C57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Un puntero no inicializado en el firmware del BIOS para Intel\u00ae Server Board Families versiones S2600CW, S2600KP, S2600TP, y S2600WT, puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio de un acceso local"
}
],
"id": "CVE-2020-12300",
"lastModified": "2024-11-21T04:59:28.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-13T04:15:13.053",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200814-0001/"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200814-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…