CVE-2019-11175 : Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Published 2019-11-14 17:15:14

Updated 2019-11-19 17:36:01

Source Intel Corporation

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2019-11175

Probability of exploitation activity in the next 30 days: 0.11%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 43 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2019-11175

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2019-11175

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-11175

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html

INTEL-SA-00313
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2019-11175

Intel » Baseboard Management Controller Firmware
Versions before (<) 2.18
cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Bbs2600bpb » Version: N/A
When used together with: Intel » Bbs2600bpbr » Version: N/A
When used together with: Intel » Bbs2600bpq » Version: N/A
When used together with: Intel » Bbs2600bpqr » Version: N/A
When used together with: Intel » Bbs2600bps » Version: N/A
When used together with: Intel » Bbs2600bpsr » Version: N/A
When used together with: Intel » Bbs2600stb » Version: N/A
When used together with: Intel » Bbs2600stbr » Version: N/A
When used together with: Intel » Bbs2600stq » Version: N/A
When used together with: Intel » Bbs2600stqr » Version: N/A
When used together with: Intel » Hns2600bpb » Version: N/A
When used together with: Intel » Hns2600bpb24 » Version: N/A
When used together with: Intel » Hns2600bpb24r » Version: N/A
When used together with: Intel » Hns2600bpb24rx » Version: N/A
When used together with: Intel » Hns2600bpblc » Version: N/A
When used together with: Intel » Hns2600bpblc24 » Version: N/A
When used together with: Intel » Hns2600bpblc24r » Version: N/A
When used together with: Intel » Hns2600bpblcr » Version: N/A
When used together with: Intel » Hns2600bpbr » Version: N/A
When used together with: Intel » Hns2600bpbrx » Version: N/A
When used together with: Intel » Hns2600bpq » Version: N/A
When used together with: Intel » Hns2600bpq24 » Version: N/A
When used together with: Intel » Hns2600bpq24r » Version: N/A
When used together with: Intel » Hns2600bpqr » Version: N/A
When used together with: Intel » Hns2600bps » Version: N/A
When used together with: Intel » Hns2600bps24 » Version: N/A
When used together with: Intel » Hns2600bps24r » Version: N/A
When used together with: Intel » Hns2600bpsr » Version: N/A
When used together with: Intel » Hpchns2600bpbr » Version: N/A
When used together with: Intel » Hpchns2600bpqr » Version: N/A
When used together with: Intel » Hpchns2600bpsr » Version: N/A
When used together with: Intel » Hpcr1208wfqysr » Version: N/A
When used together with: Intel » Hpcr1208wftysr » Version: N/A
When used together with: Intel » Hpcr1304wf0ysr » Version: N/A
When used together with: Intel » Hpcr1304wftysr » Version: N/A
When used together with: Intel » Hpcr2208wf0zsr » Version: N/A
When used together with: Intel » Hpcr2208wfqzsr » Version: N/A
When used together with: Intel » Hpcr2208wftzsr » Version: N/A
When used together with: Intel » Hpcr2208wftzsrx » Version: N/A
When used together with: Intel » Hpcr2224wftzsr » Version: N/A
When used together with: Intel » Hpcr2308wftzsr » Version: N/A
When used together with: Intel » Hpcr2312wf0npr » Version: N/A
When used together with: Intel » Hpcr2312wftzsr » Version: N/A
When used together with: Intel » R1208wfqysr » Version: N/A
When used together with: Intel » R1208wftys » Version: N/A
When used together with: Intel » R1208wftysr » Version: N/A
When used together with: Intel » R1304wf0ys » Version: N/A
When used together with: Intel » R1304wf0ysr » Version: N/A
When used together with: Intel » R1304wftys » Version: N/A
When used together with: Intel » R1304wftysr » Version: N/A
When used together with: Intel » R2208wf0zs » Version: N/A
When used together with: Intel » R2208wf0zsr » Version: N/A
When used together with: Intel » R2208wfqzs » Version: N/A
When used together with: Intel » R2208wfqzsr » Version: N/A
When used together with: Intel » R2208wftzs » Version: N/A
When used together with: Intel » R2208wftzsr » Version: N/A
When used together with: Intel » R2208wftzsrx » Version: N/A
When used together with: Intel » R2224wfqzs » Version: N/A
When used together with: Intel » R2224wftzs » Version: N/A
When used together with: Intel » R2224wftzsr » Version: N/A
When used together with: Intel » R2308wftzs » Version: N/A
When used together with: Intel » R2308wftzsr » Version: N/A
When used together with: Intel » R2312wf0np » Version: N/A
When used together with: Intel » R2312wf0npr » Version: N/A
When used together with: Intel » R2312wfqzs » Version: N/A
When used together with: Intel » R2312wftzs » Version: N/A
When used together with: Intel » R2312wftzsr » Version: N/A
When used together with: Intel » S2600stb » Version: N/A
When used together with: Intel » S2600stbr » Version: N/A
When used together with: Intel » S2600stq » Version: N/A
When used together with: Intel » S2600stqr » Version: N/A
When used together with: Intel » S2600wf0 » Version: N/A
When used together with: Intel » S2600wf0r » Version: N/A
When used together with: Intel » S2600wfq » Version: N/A
When used together with: Intel » S2600wfqr » Version: N/A
When used together with: Intel » S2600wft » Version: N/A
When used together with: Intel » S2600wftr » Version: N/A
When used together with: Intel » S9232wk1hlc » Version: N/A
When used together with: Intel » S9232wk2hac » Version: N/A
When used together with: Intel » S9232wk2hlc » Version: N/A
When used together with: Intel » S9248wk1hlc » Version: N/A
When used together with: Intel » S9248wk2hac » Version: N/A
When used together with: Intel » S9248wk2hlc » Version: N/A
When used together with: Intel » S9256wk1hlc » Version: N/A

Vulnerability Details : CVE-2019-11175

Exploit prediction scoring system (EPSS) score for CVE-2019-11175

CVSS scores for CVE-2019-11175

CWE ids for CVE-2019-11175

References for CVE-2019-11175

Products affected by CVE-2019-11175