Vulnerability-Lookup

CVE-2023-31189 (GCVE-0-2023-31189)

Vulnerability from cvelistv5 – Published: 2024-02-14 13:37 – Updated: 2024-08-14 19:22

Summary

Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.

Severity ?

5.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE

escalation of privilege
CWE-287 - Improper authentication

Assigner

intel

References

URL

Tags

https://www.intel.com/content/www/us/en/security-…

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) Server Product OpenBMC firmware	Affected: before version egs-1.09

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:45:25.851Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-31189",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-14T19:21:57.416460Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-14T19:22:35.437Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Server Product OpenBMC firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version egs-1.09"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-287",
              "description": "Improper authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T13:37:52.110Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-31189",
    "datePublished": "2024-02-14T13:37:52.110Z",
    "dateReserved": "2023-06-09T03:00:03.580Z",
    "dateUpdated": "2024-08-14T19:22:35.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-31189\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2024-02-14T14:15:50.310\",\"lastModified\":\"2026-01-14T18:29:39.013\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"La autenticaci\u00f3n incorrecta en algunos firmware OpenBMC de productos de servidor Intel(R) anteriores a la versi\u00f3n egs-1.09 puede permitir que un usuario autenticado habilite la escalada de privilegios a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":5.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.0,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:openbmc:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"egs-1.09\",\"matchCriteriaId\":\"38AEA92C-5EC0-4BF9-BEA1-1B55EE1BE717\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_bronze_3408u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09E7DE0D-42DB-4F10-930B-A0129CC27CAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5403n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562820DC-1CB4-4063-ACF0-00FE0A9B2E75\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5411n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EDBC632-F76D-4E3A-9A0E-8BE1DB5A0DDB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5412u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"316A237D-7975-453E-B92C-896F6364E2F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5415\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE27B5E7-7F00-4A27-B2C5-E66DE71AEF08\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5416s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C14795D9-BC55-417A-8D90-661AA6D1391A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5418n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9951E153-870C-4DC3-BFFB-4B870DA63AC9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5418y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E65EAAF-AD3E-4466-99F1-972CFB59D077\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5420\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FBB4E2C-DFCE-4B95-9817-A2E0C4A8997F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5423n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48A09287-D982-4AE6-B82E-BB772F384A84\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_5433n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"151E7C53-F9DA-47DD-828A-34A0740F5EF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6403n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8DD9CF9-6A89-4538-B95B-6464914430DC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6414u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05CF326D-3CE1-4270-B8E7-CE9A2A2A4409\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6416h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D24053A-FFD8-4BD8-8676-7CC117A4185F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6418h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94721676-CD1A-4056-BEBF-1523C3CE2A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6421n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B4C7008-1E66-4FBD-A197-DFDF4C38FFE3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6423n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76A41E6F-3874-4137-B80F-E6C0A839BCCC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6426y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4286B9B8-B329-4342-A8C3-AC9A85B6478F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6428n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"975E43D4-B152-44A3-A64A-C9FCC37240B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB6EA88D-45EB-419A-8ED0-4B32A1846DD6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6433n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"003A0C42-8D2E-462F-9709-2A8C26D98247\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6433ne:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF8F1C3A-64B1-44A8-97BD-8E915FB84B9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6434:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"204B416D-B75B-4A44-8D37-8C6B84B77EF3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6434h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE8AEBC9-4A10-4D1F-B267-C9549521DDC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6438m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D150604-EF92-464A-9DA9-8F07DEA7EA7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6438n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"025106B8-53E0-485E-9009-0DA23D65F556\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6438y\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20643FF8-CC86-4B1F-A230-BF634E676F0E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6442y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8CC5990-41FB-49A8-81C9-6A94A17FCBBE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6443n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"337887FE-6938-4AB8-AE5A-10CAEFC7C350\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6444y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60E9D7F4-5854-4900-BECD-0E55504719AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6448h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1EC68B2-902A-400D-B473-6C01733C71CD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6448y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63140392-AA9E-43C1-8594-42E8B41C33CC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6454s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC71C847-8E80-4D85-823F-4567AF62D841\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_gold_6458q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CFAFD6-4111-48FD-8DB1-81CB64F2958C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8444h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC500965-35C1-4747-818C-44E4D8FA2CD5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8450h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A79B597-104B-4869-8FD2-DC64876E746A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8452y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C528F941-F391-4B0F-85EA-71A1E039F3EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8454h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF9A4BED-EFBA-4565-AF8D-ECBDF5934E2C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8458p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED46098F-38C6-48CF-8BED-41423A6A4531\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8460h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFD8A966-382A-4737-B56F-59D68831B501\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8460y\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CCC2770-7DAE-41E9-A28F-FA742108174E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8461v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFE9690A-18D5-421A-B9B1-FD3FD6F5BB6E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8462y\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"336A6519-66D9-4F2A-9597-39BAD742129E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8468:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F65118-E8A7-44F1-A882-8B5E9C7E3C72\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8468h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0004ECE3-BECD-4E60-BE35-23DDAD1758FF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8468v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB861F62-6FA8-498A-B882-6E30814C15DC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8470:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD61523A-0CF0-4416-AC53-26F0415FA462\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8470n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3448FA-4298-45EE-BA58-3202C5851540\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8471n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"569AE756-7CEC-44D7-9D4C-F1AE534F58DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8480\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCDFD394-1E5A-44AF-AB7F-610FBE69102A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_platinum_8490h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73363441-FC21-4183-89CE-5F52BE8EAEBC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_silver_4410t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A3B836B-2636-4015-9F64-6272E888A133\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:xeon_silver_4410y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16968277-3B4A-4B98-944A-4FFA6FAA7FAF\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:45:25.851Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-31189\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-14T19:21:57.416460Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-14T19:22:08.809Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) Server Product OpenBMC firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"before version egs-1.09\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"escalation of privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"Improper authentication\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2024-02-14T13:37:52.110Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-31189\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-14T19:22:35.437Z\", \"dateReserved\": \"2023-06-09T03:00:03.580Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2024-02-14T13:37:52.110Z\", \"assignerShortName\": \"intel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-31189

Vulnerability from fkie_nvd - Published: 2024-02-14 14:15 - Updated: 2026-01-14 18:29

Severity ?

5.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.

References

	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html	Vendor Advisory

Impacted products

Vendor	Product	Version
intel	openbmc	*
intel	xeon_bronze_3408u	-
intel	xeon_gold_5403n	-
intel	xeon_gold_5411n	-
intel	xeon_gold_5412u	-
intel	xeon_gold_5415\+	-
intel	xeon_gold_5416s	-
intel	xeon_gold_5418n	-
intel	xeon_gold_5418y	-
intel	xeon_gold_5420\+	-
intel	xeon_gold_5423n	-
intel	xeon_gold_5433n	-
intel	xeon_gold_6403n	-
intel	xeon_gold_6414u	-
intel	xeon_gold_6416h	-
intel	xeon_gold_6418h	-
intel	xeon_gold_6421n	-
intel	xeon_gold_6423n	-
intel	xeon_gold_6426y	-
intel	xeon_gold_6428n	-
intel	xeon_gold_6430	-
intel	xeon_gold_6433n	-
intel	xeon_gold_6433ne	-
intel	xeon_gold_6434	-
intel	xeon_gold_6434h	-
intel	xeon_gold_6438m	-
intel	xeon_gold_6438n	-
intel	xeon_gold_6438y\+	-
intel	xeon_gold_6442y	-
intel	xeon_gold_6443n	-
intel	xeon_gold_6444y	-
intel	xeon_gold_6448h	-
intel	xeon_gold_6448y	-
intel	xeon_gold_6454s	-
intel	xeon_gold_6458q	-
intel	xeon_platinum_8444h	-
intel	xeon_platinum_8450h	-
intel	xeon_platinum_8452y	-
intel	xeon_platinum_8454h	-
intel	xeon_platinum_8458p	-
intel	xeon_platinum_8460h	-
intel	xeon_platinum_8460y\+	-
intel	xeon_platinum_8461v	-
intel	xeon_platinum_8462y\+	-
intel	xeon_platinum_8468	-
intel	xeon_platinum_8468h	-
intel	xeon_platinum_8468v	-
intel	xeon_platinum_8470	-
intel	xeon_platinum_8470n	-
intel	xeon_platinum_8471n	-
intel	xeon_platinum_8480\+	-
intel	xeon_platinum_8490h	-
intel	xeon_silver_4410t	-
intel	xeon_silver_4410y	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:openbmc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AEA92C-5EC0-4BF9-BEA1-1B55EE1BE717",
              "versionEndExcluding": "egs-1.09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xeon_bronze_3408u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E7DE0D-42DB-4F10-930B-A0129CC27CAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5403n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "562820DC-1CB4-4063-ACF0-00FE0A9B2E75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5411n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDBC632-F76D-4E3A-9A0E-8BE1DB5A0DDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "316A237D-7975-453E-B92C-896F6364E2F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5415\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE27B5E7-7F00-4A27-B2C5-E66DE71AEF08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5416s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14795D9-BC55-417A-8D90-661AA6D1391A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5418n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9951E153-870C-4DC3-BFFB-4B870DA63AC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5418y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E65EAAF-AD3E-4466-99F1-972CFB59D077",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5420\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBB4E2C-DFCE-4B95-9817-A2E0C4A8997F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5423n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A09287-D982-4AE6-B82E-BB772F384A84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_5433n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "151E7C53-F9DA-47DD-828A-34A0740F5EF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6403n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8DD9CF9-6A89-4538-B95B-6464914430DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6414u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05CF326D-3CE1-4270-B8E7-CE9A2A2A4409",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6416h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D24053A-FFD8-4BD8-8676-7CC117A4185F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6418h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94721676-CD1A-4056-BEBF-1523C3CE2A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6421n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4C7008-1E66-4FBD-A197-DFDF4C38FFE3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6423n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76A41E6F-3874-4137-B80F-E6C0A839BCCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6426y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4286B9B8-B329-4342-A8C3-AC9A85B6478F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6428n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "975E43D4-B152-44A3-A64A-C9FCC37240B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB6EA88D-45EB-419A-8ED0-4B32A1846DD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6433n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "003A0C42-8D2E-462F-9709-2A8C26D98247",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6433ne:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF8F1C3A-64B1-44A8-97BD-8E915FB84B9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6434:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "204B416D-B75B-4A44-8D37-8C6B84B77EF3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6434h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8AEBC9-4A10-4D1F-B267-C9549521DDC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6438m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D150604-EF92-464A-9DA9-8F07DEA7EA7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6438n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "025106B8-53E0-485E-9009-0DA23D65F556",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6438y\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20643FF8-CC86-4B1F-A230-BF634E676F0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6442y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8CC5990-41FB-49A8-81C9-6A94A17FCBBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6443n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "337887FE-6938-4AB8-AE5A-10CAEFC7C350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6444y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60E9D7F4-5854-4900-BECD-0E55504719AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6448h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1EC68B2-902A-400D-B473-6C01733C71CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6448y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63140392-AA9E-43C1-8594-42E8B41C33CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6454s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC71C847-8E80-4D85-823F-4567AF62D841",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_gold_6458q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71CFAFD6-4111-48FD-8DB1-81CB64F2958C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8444h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC500965-35C1-4747-818C-44E4D8FA2CD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8450h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A79B597-104B-4869-8FD2-DC64876E746A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8452y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C528F941-F391-4B0F-85EA-71A1E039F3EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8454h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9A4BED-EFBA-4565-AF8D-ECBDF5934E2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8458p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED46098F-38C6-48CF-8BED-41423A6A4531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8460h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD8A966-382A-4737-B56F-59D68831B501",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8460y\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CCC2770-7DAE-41E9-A28F-FA742108174E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8461v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE9690A-18D5-421A-B9B1-FD3FD6F5BB6E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8462y\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "336A6519-66D9-4F2A-9597-39BAD742129E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8468:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F65118-E8A7-44F1-A882-8B5E9C7E3C72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8468h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0004ECE3-BECD-4E60-BE35-23DDAD1758FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8468v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB861F62-6FA8-498A-B882-6E30814C15DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8470:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD61523A-0CF0-4416-AC53-26F0415FA462",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8470n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC3448FA-4298-45EE-BA58-3202C5851540",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8471n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "569AE756-7CEC-44D7-9D4C-F1AE534F58DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8480\\+:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCDFD394-1E5A-44AF-AB7F-610FBE69102A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_platinum_8490h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73363441-FC21-4183-89CE-5F52BE8EAEBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_silver_4410t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3B836B-2636-4015-9F64-6272E888A133",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_silver_4410y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16968277-3B4A-4B98-944A-4FFA6FAA7FAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access."
    },
    {
      "lang": "es",
      "value": "La autenticaci\u00f3n incorrecta en algunos firmware OpenBMC de productos de servidor Intel(R) anteriores a la versi\u00f3n egs-1.09 puede permitir que un usuario autenticado habilite la escalada de privilegios a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2023-31189",
  "lastModified": "2026-01-14T18:29:39.013",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 2.7,
        "source": "secure@intel.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-14T14:15:50.310",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "secure@intel.com",
      "type": "Secondary"
    }
  ]
}

GSD-2023-31189

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.

Aliases

CVE-2023-31189

Aliases

CVE-2023-31189

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-31189",
    "id": "GSD-2023-31189"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-31189"
      ],
      "details": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.",
      "id": "GSD-2023-31189",
      "modified": "2023-12-13T01:20:30.264438Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2023-31189",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Server Product OpenBMC firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "before version egs-1.09"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "escalation of privilege"
              },
              {
                "cweId": "CWE-287",
                "lang": "eng",
                "value": "Improper authentication"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access."
          }
        ],
        "id": "CVE-2023-31189",
        "lastModified": "2024-02-14T15:01:51.137",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.0,
              "impactScore": 2.7,
              "source": "secure@intel.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-02-14T14:15:50.310",
        "references": [
          {
            "source": "secure@intel.com",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
          }
        ],
        "sourceIdentifier": "secure@intel.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-287"
              }
            ],
            "source": "secure@intel.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

GHSA-958X-7829-W5GJ

Vulnerability from github – Published: 2026-01-14 18:31 – Updated: 2026-01-14 18:31

Details

Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-31189"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-14T14:15:50Z",
    "severity": "HIGH"
  },
  "details": "Improper authentication in some Intel(R) Server Product OpenBMC firmware before version egs-1.09 may allow an authenticated user to enable escalation of privilege via local access.",
  "id": "GHSA-958x-7829-w5gj",
  "modified": "2026-01-14T18:31:11Z",
  "published": "2026-01-14T18:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31189"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

WID-SEC-W-2024-0372

Vulnerability from csaf_certbund - Published: 2024-02-13 23:00 - Updated: 2024-02-13 23:00

Summary

Intel OpenBMC Firmware: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Die Firmware ist eine in die Geräte fest eingebettete Software, die dort grundlegende Funktionen leistet.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Intel OpenBMC Firmware ausnutzen, um seine Privilegien zu erhöhen oder Informationen offenzulegen.

Betroffene Betriebssysteme

- UNIX - Linux - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Die Firmware ist eine in die Ger\u00e4te fest eingebettete Software, die dort grundlegende Funktionen leistet.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel OpenBMC Firmware ausnutzen, um seine Privilegien zu erh\u00f6hen oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0372 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0372.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0372 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0372"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-00922 vom 2024-02-13",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel OpenBMC Firmware: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-13T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:11.851+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0372",
      "initial_release_date": "2024-02-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "OpenBCM \u003c egs-1.05",
                "product": {
                  "name": "Intel Firmware OpenBCM \u003c egs-1.05",
                  "product_id": "T032674"
                }
              },
              {
                "category": "product_version_range",
                "name": "OpenBCM \u003c egs-1.09",
                "product": {
                  "name": "Intel Firmware OpenBCM \u003c egs-1.09",
                  "product_id": "T032675"
                }
              }
            ],
            "category": "product_name",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-31189",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Intel OpenBMC Firmware. Diese ist auf einen Fehler bei der Authentisierung zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032674"
        ]
      },
      "release_date": "2024-02-13T23:00:00.000+00:00",
      "title": "CVE-2023-31189"
    },
    {
      "cve": "CVE-2023-32280",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Intel OpenBMC Firmware. Diese ist auf einen Fehler in dem Schutz von Anmeldedaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
        }
      ],
      "release_date": "2024-02-13T23:00:00.000+00:00",
      "title": "CVE-2023-32280"
    }
  ]
}

CERTFR-2024-AVI-0124

Vulnerability from certfr_avis - Published: 2024-02-14 - Updated: 2024-02-14

De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel SUR software versions antérieures à 2.4.10587
Intel	N/A	Intel Optane PMem 100 Series management software versions antérieures à 01.00.00.3547
Intel	N/A	Intel MPI Library versions antérieures à 2021.10.0
Intel	N/A	Intel Unison software versions antérieures à C15
Intel	N/A	Intel Trace Analyzer and Collector 2021.10.0
Intel	N/A	Intel SDK pour OpenCL Applications software toutes versions
Intel	N/A	Intel Killer Wi-Fi software version antérieures à 3.1423.712
Intel	N/A	Intel XTU software versions antérieures à 7.12.0.29
Intel	N/A	Pilotes Intel QAT software pour Windows versions antérieures à QAT1.7-W-1.11.0
Intel	N/A	Tous les processeurs Intel Core de 6e, 7e, 8e ou 9e génération avec le pilote Intel Thunderbolt DCH toutes versions
Intel	N/A	Intel SPS versions antérieures à SPS_E5_06.01.04.002.0
Intel	N/A	Installation software pour Intel Ethernet Connections Boot Utility, Preboot Images et pilotes EFI s versions antérieures à 28.2
Intel	N/A	Intel oneAPI AI Analytics Toolkit 2023.2
Intel	N/A	ACAT software maintenu par Intel versions antérieures à 2.0.0
Intel	N/A	Intel PROSet/Wireless Wi-Fi software versions antérieures à 22.240
Intel	N/A	Intel Optane PMem 200 Series management software versions antérieures à 02.00.00.3915
Intel	N/A	Intel oneAPI Threading Building Blocks versions antérieures à 2021.10.0.
Intel	N/A	Intel Inspector pour oneAPI versions antérieures à 2023.2.0
Intel	N/A	Intel MAS software versions antérieures à 2.3
Intel	N/A	Intel oneAPI HPC Toolkit versions antérieures à 2023.2.0
Intel	N/A	Intel oneAPI Base Toolkit versions antérieures à 2023.2.0
Intel	N/A	Intel Optane PMem 300 Series management software versions antérieures à 03.00.00.0483
Intel	N/A	Intel ISPC versions antérieures à 1.21.0
Intel	N/A	Intel oneAPI Toolkit et du programme d'installation des composants versions antérieures à 4.3.2
Intel	N/A	Installation software pour Administrative Tools pour Intel Network Adapters versions antérieures à 28.2
Intel	N/A	Intel DSA software versions antérieures à 23.4.33
Intel	N/A	Micrologiciel du contrôleur Intel JHL8440 Thunderbolt 4 versions antérieures à 41
Intel	N/A	Intel Binary Configuration Tool software versions antérieures à 3.4.4
Intel	N/A	Intel SGX DCAP software pour Windows versions antérieures à 1.19.100.3
Intel	N/A	Intel SSU software versions antérieures à 3.0.0.2
Intel	N/A	Intel Unite Client software versions antérieures à 4.2.35041
Intel	N/A	Intel Distribution pour Python 2023.1
Intel	N/A	Intel VROC software versions antérieures à 8.0.8.1001
Intel	N/A	Intel CIP software versions antérieures à 2.4.10577
Intel	N/A	Intel Advisor pour oneAPI versions antérieures à 2023.2.0
Intel	N/A	Intel QSFP+ Configuration Utility software toutes versions
Intel	N/A	Intel oneAPI IoT Toolkit versions antérieures à 2023.2.0.
Intel	N/A	Intel PCM software versions antérieures à 202307
Intel	N/A	Intel MPI Library software versions antérieures à 2021.11
Intel	N/A	Intel Cluster Checker 2021.7.3
Intel	N/A	Intel Integrated Performance Primitives 2021.9.0
Intel	N/A	Intel oneAPI Deep Neural Network Library versions antérieures à 2023.2.0
Intel	N/A	Intel Battery Life Diagnostic Tool software versions antérieures à 2.3.1
Intel	N/A	Intel Chipset Driver Software versions antérieures à 10.1.19444.8378
Intel	N/A	Intel VTune Profiler pour oneAPI versions antérieures à 2023.2.0
Intel	N/A	Intel IPP Cryptography versions antérieures à 2021.8.0
Intel	N/A	Pilote Intel Thunderbolt DCH pour Windows versions antérieures à 88
Intel	N/A	Intel Optimization pour TensorFlow versions antérieures à 2.13.0
Intel	N/A	Arm DS software pour Intel SoC FPGA versions antérieures à 2022.2
Intel	N/A	Installation software pour Intel Ethernet Adapter Complete Driver Pack versions antérieures à 28.2
Intel	N/A	Sapphire Rapids Eagle Stream avec les processeurs Intel Xeon Scalable de 4e génération versions antérieures à PLR4 Release
Intel	N/A	Intel oneAPI Math Kernel Library versions antérieures à 2023.2.0.
Intel	N/A	Intel System Usage Report pour Gameplay Software version 2.0.1901
Intel	N/A	Intel PM software toutes versions
Intel	N/A	Intel OFU software versions antérieures à 14.1.31

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-01004 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00947 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00992 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00956 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00969 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00993 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00981 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01003 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00987 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01006 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00959 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01014 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00967 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00954 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00913 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01005 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00998 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00994 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00927 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00851 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00948 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00988 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01011 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00958 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00903 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01000 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00973 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00974 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00928 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00953 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00955 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00930 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00895 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00922 du 13 février 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel SUR software versions ant\u00e9rieures \u00e0 2.4.10587",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Optane PMem 100 Series management software versions ant\u00e9rieures \u00e0 01.00.00.3547",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel MPI Library versions ant\u00e9rieures \u00e0 2021.10.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Unison software versions ant\u00e9rieures \u00e0 C15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trace Analyzer and Collector 2021.10.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel SDK pour OpenCL Applications software toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Killer Wi-Fi software version ant\u00e9rieures \u00e0 3.1423.712",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel XTU software versions ant\u00e9rieures \u00e0 7.12.0.29",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Pilotes Intel QAT software pour Windows versions ant\u00e9rieures \u00e0 QAT1.7-W-1.11.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Tous les processeurs Intel Core de 6e, 7e, 8e ou 9e g\u00e9n\u00e9ration avec le pilote Intel Thunderbolt DCH toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel SPS versions ant\u00e9rieures \u00e0 SPS_E5_06.01.04.002.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Installation software pour Intel Ethernet Connections Boot Utility, Preboot Images et pilotes EFI s versions ant\u00e9rieures \u00e0 28.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI AI Analytics Toolkit 2023.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "ACAT software maintenu par Intel versions ant\u00e9rieures \u00e0 2.0.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel PROSet/Wireless Wi-Fi software versions ant\u00e9rieures \u00e0 22.240",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Optane PMem 200 Series management software versions ant\u00e9rieures \u00e0 02.00.00.3915",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Threading Building Blocks versions ant\u00e9rieures \u00e0 2021.10.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Inspector pour oneAPI versions ant\u00e9rieures \u00e0 2023.2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel MAS software versions ant\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2023.2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Base Toolkit versions ant\u00e9rieures \u00e0 2023.2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Optane PMem 300 Series management software versions ant\u00e9rieures \u00e0 03.00.00.0483",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ISPC versions ant\u00e9rieures \u00e0 1.21.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Toolkit et du programme d\u0027installation des composants versions ant\u00e9rieures \u00e0 4.3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Installation software pour Administrative Tools pour Intel Network Adapters versions ant\u00e9rieures \u00e0 28.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel DSA software versions ant\u00e9rieures \u00e0 23.4.33",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Micrologiciel du contr\u00f4leur Intel JHL8440 Thunderbolt 4 versions ant\u00e9rieures \u00e0 41",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Binary Configuration Tool software versions ant\u00e9rieures \u00e0 3.4.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel SGX DCAP software pour Windows versions ant\u00e9rieures \u00e0 1.19.100.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel SSU software versions ant\u00e9rieures \u00e0 3.0.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Unite Client software versions ant\u00e9rieures \u00e0 4.2.35041",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Distribution pour Python 2023.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel VROC software versions ant\u00e9rieures \u00e0 8.0.8.1001",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CIP software versions ant\u00e9rieures \u00e0 2.4.10577",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Advisor pour oneAPI versions ant\u00e9rieures \u00e0 2023.2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel QSFP+ Configuration Utility software toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI IoT Toolkit versions ant\u00e9rieures \u00e0 2023.2.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel PCM software versions ant\u00e9rieures \u00e0 202307",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel MPI Library software versions ant\u00e9rieures \u00e0 2021.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Cluster Checker 2021.7.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Integrated Performance Primitives 2021.9.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Deep Neural Network Library versions ant\u00e9rieures \u00e0 2023.2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Battery Life Diagnostic Tool software versions ant\u00e9rieures \u00e0 2.3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Chipset Driver Software versions ant\u00e9rieures \u00e0 10.1.19444.8378",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel VTune Profiler pour oneAPI versions ant\u00e9rieures \u00e0 2023.2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel IPP Cryptography versions ant\u00e9rieures \u00e0 2021.8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Pilote Intel Thunderbolt DCH pour Windows versions ant\u00e9rieures \u00e0 88",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Optimization pour TensorFlow versions ant\u00e9rieures \u00e0 2.13.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Arm DS software pour Intel SoC FPGA versions ant\u00e9rieures \u00e0 2022.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Installation software pour Intel Ethernet Adapter Complete Driver Pack versions ant\u00e9rieures \u00e0 28.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Sapphire Rapids Eagle Stream avec les processeurs Intel Xeon Scalable de 4e g\u00e9n\u00e9ration versions ant\u00e9rieures \u00e0 PLR4 Release",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Math Kernel Library versions ant\u00e9rieures \u00e0 2023.2.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel System Usage Report pour Gameplay Software version 2.0.1901",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel PM software toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel OFU software versions ant\u00e9rieures \u00e0 14.1.31",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-27307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27307"
    },
    {
      "name": "CVE-2023-25174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25174"
    },
    {
      "name": "CVE-2023-33875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33875"
    },
    {
      "name": "CVE-2023-28374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28374"
    },
    {
      "name": "CVE-2023-34315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34315"
    },
    {
      "name": "CVE-2023-38135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38135"
    },
    {
      "name": "CVE-2023-40161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40161"
    },
    {
      "name": "CVE-2023-32280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32280"
    },
    {
      "name": "CVE-2022-43703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43703"
    },
    {
      "name": "CVE-2023-39432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39432"
    },
    {
      "name": "CVE-2023-22293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22293"
    },
    {
      "name": "CVE-2023-35121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35121"
    },
    {
      "name": "CVE-2023-35062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35062"
    },
    {
      "name": "CVE-2023-33870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33870"
    },
    {
      "name": "CVE-2023-31189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31189"
    },
    {
      "name": "CVE-2023-28396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28396"
    },
    {
      "name": "CVE-2023-25073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25073"
    },
    {
      "name": "CVE-2023-26596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26596"
    },
    {
      "name": "CVE-2023-26592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26592"
    },
    {
      "name": "CVE-2023-28715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28715"
    },
    {
      "name": "CVE-2023-34983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34983"
    },
    {
      "name": "CVE-2023-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38561"
    },
    {
      "name": "CVE-2023-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38566"
    },
    {
      "name": "CVE-2023-32647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32647"
    },
    {
      "name": "CVE-2023-35769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35769"
    },
    {
      "name": "CVE-2023-28739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28739"
    },
    {
      "name": "CVE-2023-39425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39425"
    },
    {
      "name": "CVE-2023-28407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28407"
    },
    {
      "name": "CVE-2023-35060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35060"
    },
    {
      "name": "CVE-2023-29153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29153"
    },
    {
      "name": "CVE-2023-22390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22390"
    },
    {
      "name": "CVE-2023-24542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24542"
    },
    {
      "name": "CVE-2022-43701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43701"
    },
    {
      "name": "CVE-2023-41252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41252"
    },
    {
      "name": "CVE-2023-27517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27517"
    },
    {
      "name": "CVE-2023-26591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26591"
    },
    {
      "name": "CVE-2023-28745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28745"
    },
    {
      "name": "CVE-2023-2804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
    },
    {
      "name": "CVE-2023-27300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27300"
    },
    {
      "name": "CVE-2023-24463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24463"
    },
    {
      "name": "CVE-2023-35003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35003"
    },
    {
      "name": "CVE-2023-35061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35061"
    },
    {
      "name": "CVE-2023-32644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32644"
    },
    {
      "name": "CVE-2023-25779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25779"
    },
    {
      "name": "CVE-2023-39941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39941"
    },
    {
      "name": "CVE-2023-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26585"
    },
    {
      "name": "CVE-2023-27308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27308"
    },
    {
      "name": "CVE-2023-29162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29162"
    },
    {
      "name": "CVE-2023-24591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24591"
    },
    {
      "name": "CVE-2023-34351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34351"
    },
    {
      "name": "CVE-2023-22342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22342"
    },
    {
      "name": "CVE-2023-26586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26586"
    },
    {
      "name": "CVE-2023-36490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36490"
    },
    {
      "name": "CVE-2023-25769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25769"
    },
    {
      "name": "CVE-2023-41231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41231"
    },
    {
      "name": "CVE-2022-43702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43702"
    },
    {
      "name": "CVE-2023-41091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41091"
    },
    {
      "name": "CVE-2023-36493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36493"
    },
    {
      "name": "CVE-2023-27301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27301"
    },
    {
      "name": "CVE-2023-32651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32651"
    },
    {
      "name": "CVE-2023-41090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41090"
    },
    {
      "name": "CVE-2023-32642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32642"
    },
    {
      "name": "CVE-2023-25951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25951"
    },
    {
      "name": "CVE-2023-30767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30767"
    },
    {
      "name": "CVE-2023-31271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31271"
    },
    {
      "name": "CVE-2023-22311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22311"
    },
    {
      "name": "CVE-2023-32646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32646"
    },
    {
      "name": "CVE-2023-42776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42776"
    },
    {
      "name": "CVE-2023-39932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39932"
    },
    {
      "name": "CVE-2023-25777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25777"
    },
    {
      "name": "CVE-2023-22848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22848"
    },
    {
      "name": "CVE-2023-25945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25945"
    },
    {
      "name": "CVE-2023-24589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24589"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2023-40154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40154"
    },
    {
      "name": "CVE-2023-32618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32618"
    },
    {
      "name": "CVE-2023-27303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27303"
    },
    {
      "name": "CVE-2023-40156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40156"
    },
    {
      "name": "CVE-2023-24481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24481"
    },
    {
      "name": "CVE-2023-28720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28720"
    }
  ],
  "initial_release_date": "2024-02-14T00:00:00",
  "last_revision_date": "2024-02-14T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0124",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-02-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Intel\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01004 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01004.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00947 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00992 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00992.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00956 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00956.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00969 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00969.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00993 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00993.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00981 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00981.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01003 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00987 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00987.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01006 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00959 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00959.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01014 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00967 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00967.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00954 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00954.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00913 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00913.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01005 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01005.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00998 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00998.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00994 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00994.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00927 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00927.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00851 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00851.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00948 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00988 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01011 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01011.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00958 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00958.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00903 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00903.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01000 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01000.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00973 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00973.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00974 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00974.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00928 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00928.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00953 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00953.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00955 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00955.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00930 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00895 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00895.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00922 du 13 f\u00e9vrier 2024",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-31189 (GCVE-0-2023-31189)

FKIE_CVE-2023-31189

GSD-2023-31189

GHSA-958X-7829-W5GJ

WID-SEC-W-2024-0372

CERTFR-2024-AVI-0124

Solution

Tags

Sightings

Nomenclature