VAR-201905-0867
Vulnerability from variot - Updated: 2024-11-23 20:21Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. plural Intel The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. Attackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. Intel Server Board, etc. are all products of Intel Corporation of the United States. Intel Server Board is a server motherboard. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor D Family is a Xeon D series server central processing unit (CPU). A buffer overflow vulnerability exists in the system firmware of several Intel products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. A local attacker could exploit this vulnerability to elevate a new server and/or cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0867",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xeon gold processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bps24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2142it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600jfq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1567",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpq24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2123it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600st",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1571",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2400lp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1521",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1533n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1523n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600bp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp24sr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2183it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2191",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon bronze processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s1200sp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kpfr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600wpq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2146nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1531",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600kp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2187nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1541",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mfs5520vir",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600tp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600jf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600wt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s7200ap",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1543n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1548",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1513n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1529",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mfs2600ki",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2166nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600cw",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpfr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpblc",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1539",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1577",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mfs5000si",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1537",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpblc24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200aprl",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpnr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2145nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server system s9200wk",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600wf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpb",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1557",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600wpf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200apr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2163it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1559",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1527",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200apl",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2161i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600wp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600jff",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp24str",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kpf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kpr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2143it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpb24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1528",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200ap",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bps",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2173it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1553n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp24r",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon scalable processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon d processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium silver processor series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute module",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e3900 series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0119",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0119",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-140150",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0119",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0119",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0119",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-763",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140150",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. plural Intel The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. Intel Server Board, etc. are all products of Intel Corporation of the United States. Intel Server Board is a server motherboard. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor D Family is a Xeon D series server central processing unit (CPU). A buffer overflow vulnerability exists in the system firmware of several Intel products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. A local attacker could exploit this vulnerability to elevate a new server and/or cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0119"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "VULHUB",
"id": "VHN-140150"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0119",
"trust": 2.8
},
{
"db": "BID",
"id": "108485",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2047",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26294",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140150",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"id": "VAR-201905-0867",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
}
],
"trust": 0.797873084
},
"last_update_date": "2024-11-23T20:21:11.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00223",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108485"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k85585101"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0119"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.9,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0119"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2047/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26294"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140150"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"date": "2019-05-17T16:29:01.783000",
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-140150"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"date": "2019-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"date": "2024-11-21T04:16:16.060000",
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…