Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for Intel(R) Active Management Technology by Intel Corporation

    CVE-2018-3658 (GCVE-0-2018-3658)

    Vulnerability from nvd – Published: 2018-09-12 19:00 – Updated: 2024-09-16 22:35
    VLAI
    Summary
    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Date Public
    2018-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
              },
              {
                "name": "106996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106996"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Active Management Technology",
              "vendor": "Intel Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions before 12.0.5."
                }
              ]
            }
          ],
          "datePublic": "2018-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-25T22:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
            },
            {
              "name": "106996",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106996"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "DATE_PUBLIC": "2018-09-11T00:00:00",
              "ID": "CVE-2018-3658",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Active Management Technology",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions before 12.0.5."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
                },
                {
                  "name": "106996",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106996"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-3658",
        "datePublished": "2018-09-12T19:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:35:54.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3657 (GCVE-0-2018-3657)

    Vulnerability from nvd – Published: 2018-09-12 19:00 – Updated: 2024-09-16 20:01
    VLAI
    Summary
    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    Intel Corporation Intel(R) Active Management Technology Affected: Versions before version 12.0.5.
    Create a notification for this product.
    Date Public
    2018-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.304Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
              },
              {
                "name": "106996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106996"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Active Management Technology",
              "vendor": "Intel Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions before version 12.0.5."
                }
              ]
            }
          ],
          "datePublic": "2018-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-25T22:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
            },
            {
              "name": "106996",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106996"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "DATE_PUBLIC": "2018-09-11T00:00:00",
              "ID": "CVE-2018-3657",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Active Management Technology",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions before version 12.0.5."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
                },
                {
                  "name": "106996",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106996"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-3657",
        "datePublished": "2018-09-12T19:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:01:21.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3616 (GCVE-0-2018-3616)

    Vulnerability from nvd – Published: 2018-09-12 19:00 – Updated: 2024-09-16 16:53
    VLAI
    Summary
    Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Date Public
    2018-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
              },
              {
                "name": "106996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106996"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Active Management Technology",
              "vendor": "Intel Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions before 12.0.5."
                }
              ]
            }
          ],
          "datePublic": "2018-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-25T22:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
            },
            {
              "name": "106996",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106996"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "DATE_PUBLIC": "2018-09-11T00:00:00",
              "ID": "CVE-2018-3616",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Active Management Technology",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions before 12.0.5."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
                },
                {
                  "name": "106996",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106996"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-3616",
        "datePublished": "2018-09-12T19:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:53:35.507Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3657 (GCVE-0-2018-3657)

    Vulnerability from cvelistv5 – Published: 2018-09-12 19:00 – Updated: 2024-09-16 20:01
    VLAI
    Summary
    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    Intel Corporation Intel(R) Active Management Technology Affected: Versions before version 12.0.5.
    Create a notification for this product.
    Date Public
    2018-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.304Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
              },
              {
                "name": "106996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106996"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Active Management Technology",
              "vendor": "Intel Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions before version 12.0.5."
                }
              ]
            }
          ],
          "datePublic": "2018-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-25T22:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
            },
            {
              "name": "106996",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106996"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "DATE_PUBLIC": "2018-09-11T00:00:00",
              "ID": "CVE-2018-3657",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Active Management Technology",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions before version 12.0.5."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
                },
                {
                  "name": "106996",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106996"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-3657",
        "datePublished": "2018-09-12T19:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:01:21.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3658 (GCVE-0-2018-3658)

    Vulnerability from cvelistv5 – Published: 2018-09-12 19:00 – Updated: 2024-09-16 22:35
    VLAI
    Summary
    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Date Public
    2018-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
              },
              {
                "name": "106996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106996"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Active Management Technology",
              "vendor": "Intel Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions before 12.0.5."
                }
              ]
            }
          ],
          "datePublic": "2018-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-25T22:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
            },
            {
              "name": "106996",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106996"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "DATE_PUBLIC": "2018-09-11T00:00:00",
              "ID": "CVE-2018-3658",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Active Management Technology",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions before 12.0.5."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
                },
                {
                  "name": "106996",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106996"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-3658",
        "datePublished": "2018-09-12T19:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:35:54.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3616 (GCVE-0-2018-3616)

    Vulnerability from cvelistv5 – Published: 2018-09-12 19:00 – Updated: 2024-09-16 16:53
    VLAI
    Summary
    Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Date Public
    2018-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
              },
              {
                "name": "106996",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106996"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Active Management Technology",
              "vendor": "Intel Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions before 12.0.5."
                }
              ]
            }
          ],
          "datePublic": "2018-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-25T22:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
            },
            {
              "name": "106996",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106996"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "DATE_PUBLIC": "2018-09-11T00:00:00",
              "ID": "CVE-2018-3616",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Active Management Technology",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions before 12.0.5."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html"
                },
                {
                  "name": "106996",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106996"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03876en_us"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20180924-0003/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20180924-0003/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-3616",
        "datePublished": "2018-09-12T19:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:53:35.507Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }