CVE-2019-11168

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-11168
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.

9.1 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
https://support.f5.com/csp/article/K64346530?utm_source=f5support&amp%3Butm_medium=RSS
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bpbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bpqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bpsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600stbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600stqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpb24rx:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpblcr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpbrx:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bps24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpchns2600bpbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpchns2600bpqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpchns2600bpsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr1208wfqysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr1208wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr1304wf0ysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr1304wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2208wf0zsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2208wfqzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2208wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2208wftzsrx:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2224wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2308wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2312wf0npr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hpcr2312wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wftzsrx:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600stbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600stqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wf0r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wfqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wftr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9232wk1hlc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9232wk2hac:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9232wk2hlc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9248wk1hlc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9248wk2hac:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9248wk2hlc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s9256wk1hlc:-:*:*:*:*:*:*:*
History

07 Nov 2023, 03:02

Type Values Removed Values Added
CWE CWE-613 NVD-CWE-noinfo
References
  • {'url': 'https://support.f5.com/csp/article/K64346530?utm_source=f5support&utm_medium=RSS', 'name': 'https://support.f5.com/csp/article/K64346530?utm_source=f5support&utm_medium=RSS', 'tags': ['Third Party Advisory'], 'refsource': 'CONFIRM'}
  • () https://support.f5.com/csp/article/K64346530?utm_source=f5support&amp%3Butm_medium=RSSĀ -
Information

Published : 2019-11-14 17:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-11168

Mitre link : CVE-2019-11168

CVE.ORG link : CVE-2019-11168

JSON object : View

Products Affected

intel

  • bbs2600bpb
  • s2600stbr
  • hns2600bpbrx
  • hpcr1304wf0ysr
  • s9256wk1hlc
  • s2600stqr
  • hpcr1208wftysr
  • r2224wfqzs
  • r2312wfqzs
  • bbs2600bpqr
  • r2224wftzs
  • s2600stq
  • hns2600bps24r
  • r2208wftzs
  • s9232wk2hlc
  • bbs2600stq
  • r1208wftys
  • bbs2600bpq
  • hpcr2312wftzsr
  • hns2600bpb24rx
  • hns2600bpbr
  • hpcr2208wf0zsr
  • hpchns2600bpsr
  • r2312wftzsr
  • hpcr2208wftzsrx
  • r2308wftzsr
  • s2600wftr
  • hns2600bps
  • hns2600bps24
  • r2208wftzsr
  • r2208wftzsrx
  • r1304wftys
  • hpcr2208wfqzsr
  • r1304wftysr
  • s9248wk2hac
  • hns2600bpb24
  • hpchns2600bpbr
  • hns2600bpq24
  • hns2600bpblc
  • s2600wf0
  • bbs2600stqr
  • s2600wfqr
  • bbs2600bpbr
  • hpcr2208wftzsr
  • r1208wftysr
  • r2312wftzs
  • hns2600bpb24r
  • hns2600bpblc24
  • hpcr2224wftzsr
  • s9232wk1hlc
  • r2312wf0np
  • r1208wfqysr
  • hns2600bpblcr
  • r2312wf0npr
  • s2600wft
  • bbs2600bpsr
  • hns2600bpq24r
  • hns2600bpb
  • bbs2600stb
  • s9232wk2hac
  • s2600wf0r
  • hns2600bpqr
  • r2224wftzsr
  • s2600stb
  • hns2600bpblc24r
  • r2308wftzs
  • hpcr1304wftysr
  • r1304wf0ysr
  • hpcr2308wftzsr
  • r2208wf0zs
  • r2208wfqzsr
  • s9248wk2hlc
  • hns2600bpq
  • hns2600bpsr
  • bbs2600stbr
  • hpcr2312wf0npr
  • bbs2600bps
  • r2208wf0zsr
  • baseboard_management_controller_firmware
  • r2208wfqzs
  • s2600wfq
  • r1304wf0ys
  • s9248wk1hlc
  • hpchns2600bpqr
  • hpcr1208wfqysr
CWE
NVD-CWE-noinfo