CVE-2020-8715 : Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modu

Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access.

Published 2020-08-13 03:15:16

Updated 2020-08-19 17:20:12

Source Intel Corporation

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2020-8715

Intel » Server Board S2600wf Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s2600wf_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600wf0 » Version: N/A
When used together with: Intel » Server Board S2600wf0r » Version: N/A
When used together with: Intel » Server Board S2600wfq » Version: N/A
When used together with: Intel » Server Board S2600wfqr » Version: N/A
When used together with: Intel » Server Board S2600wft » Version: N/A
When used together with: Intel » Server Board S2600wftr » Version: N/A
Intel » Server Board S2600bp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s2600bp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600bpb » Version: N/A
When used together with: Intel » Server Board S2600bpbr » Version: N/A
When used together with: Intel » Server Board S2600bpq » Version: N/A
When used together with: Intel » Server Board S2600bpqr » Version: N/A
When used together with: Intel » Server Board S2600bps » Version: N/A
When used together with: Intel » Server Board S2600bpsr » Version: N/A
Intel » Server Board S2600st Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s2600st_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600stb » Version: N/A
When used together with: Intel » Server Board S2600stbr » Version: N/A
When used together with: Intel » Server Board S2600stq » Version: N/A
When used together with: Intel » Server Board S2600stqr » Version: N/A
Intel » Server Board S2600wt Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s2600wt_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600wt2 » Version: N/A
When used together with: Intel » Server Board S2600wt2r » Version: N/A
When used together with: Intel » Server Board S2600wtt » Version: N/A
When used together with: Intel » Server Board S2600wttr » Version: N/A
Intel » Server Board S2600kp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s2600kp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600kp » Version: N/A
When used together with: Intel » Server Board S2600kpf » Version: N/A
When used together with: Intel » Server Board S2600kpfr » Version: N/A
When used together with: Intel » Server Board S2600kpr » Version: N/A
When used together with: Intel » Server Board S2600kptr » Version: N/A
Intel » Server Board S1200sp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s1200sp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S1200spl » Version: N/A
When used together with: Intel » Server Board S1200splr » Version: N/A
When used together with: Intel » Server Board S1200spo » Version: N/A
When used together with: Intel » Server Board S1200spor » Version: N/A
When used together with: Intel » Server Board S1200sps » Version: N/A
When used together with: Intel » Server Board S1200spsr » Version: N/A
Intel » Compute Module Hns2600bp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:compute_module_hns2600bp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Compute Module Hns2600bpb » Version: N/A
When used together with: Intel » Compute Module Hns2600bpb24 » Version: N/A
When used together with: Intel » Compute Module Hns2600bpb24r » Version: N/A
When used together with: Intel » Compute Module Hns2600bpblc » Version: N/A
When used together with: Intel » Compute Module Hns2600bpblc24 » Version: N/A
When used together with: Intel » Compute Module Hns2600bpblc24r » Version: N/A
When used together with: Intel » Compute Module Hns2600bpblcr » Version: N/A
When used together with: Intel » Compute Module Hns2600bpbr » Version: N/A
When used together with: Intel » Compute Module Hns2600bpq » Version: N/A
When used together with: Intel » Compute Module Hns2600bpq24 » Version: N/A
When used together with: Intel » Compute Module Hns2600bpq24r » Version: N/A
When used together with: Intel » Compute Module Hns2600bpqr » Version: N/A
When used together with: Intel » Compute Module Hns2600bps » Version: N/A
When used together with: Intel » Compute Module Hns2600bps24 » Version: N/A
When used together with: Intel » Compute Module Hns2600bps24r » Version: N/A
When used together with: Intel » Compute Module Hns2600bpsr » Version: N/A
Intel » Server System R2000wf Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_r2000wf_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System R2208wf0zs » Version: N/A
When used together with: Intel » Server System R2208wf0zsr » Version: N/A
When used together with: Intel » Server System R2208wfqzs » Version: N/A
When used together with: Intel » Server System R2208wfqzsr » Version: N/A
When used together with: Intel » Server System R2208wftzs » Version: N/A
When used together with: Intel » Server System R2208wftzsr » Version: N/A
When used together with: Intel » Server System R2224wfqzs » Version: N/A
When used together with: Intel » Server System R2224wftzs » Version: N/A
When used together with: Intel » Server System R2224wftzsr » Version: N/A
When used together with: Intel » Server System R2308wftzs » Version: N/A
When used together with: Intel » Server System R2308wftzsr » Version: N/A
When used together with: Intel » Server System R2312wf0np » Version: N/A
When used together with: Intel » Server System R2312wf0npr » Version: N/A
When used together with: Intel » Server System R2312wfqzs » Version: N/A
When used together with: Intel » Server System R2312wftzs » Version: N/A
When used together with: Intel » Server System R2312wftzsr » Version: N/A
When used together with: Intel » Server System Vrn2208waf6 » Version: N/A
When used together with: Intel » Server System Vrn2208wfaf81 » Version: N/A
When used together with: Intel » Server System Vrn2208wfaf82 » Version: N/A
When used together with: Intel » Server System Vrn2208wfaf83 » Version: N/A
When used together with: Intel » Server System Vrn2208wfhy6 » Version: N/A
Intel » Server System R1000wf Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_r1000wf_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System Lnetcnt3y » Version: N/A
When used together with: Intel » Server System Mcb2208wfaf4 » Version: N/A
When used together with: Intel » Server System Mcb2208wfaf5 » Version: N/A
When used together with: Intel » Server System Mcb2208wfaf6 » Version: N/A
When used together with: Intel » Server System Mcb2208wfhy2 » Version: N/A
When used together with: Intel » Server System Nb2208wfqnfvi » Version: N/A
When used together with: Intel » Server System R1208wfqysr » Version: N/A
When used together with: Intel » Server System R1208wftys » Version: N/A
When used together with: Intel » Server System R1208wftysr » Version: N/A
When used together with: Intel » Server System R1304wf0ys » Version: N/A
When used together with: Intel » Server System R1304wf0ysr » Version: N/A
When used together with: Intel » Server System R1304wftys » Version: N/A
When used together with: Intel » Server System R1304wftysr » Version: N/A
Intel » Server System R1000wt Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_r1000wt_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System R1208wt2gs » Version: N/A
When used together with: Intel » Server System R1208wt2gsr » Version: N/A
When used together with: Intel » Server System R1208wttgs » Version: N/A
When used together with: Intel » Server System R1208wttgsbpp » Version: N/A
When used together with: Intel » Server System R1208wttgsr » Version: N/A
When used together with: Intel » Server System R1304wt2gs » Version: N/A
When used together with: Intel » Server System R1304wt2gsr » Version: N/A
When used together with: Intel » Server System R1304wttgs » Version: N/A
When used together with: Intel » Server System R1304wttgsr » Version: N/A
Intel » Server System R2000wt Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_r2000wt_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System R2208wt2ys » Version: N/A
When used together with: Intel » Server System R2208wt2ysr » Version: N/A
When used together with: Intel » Server System R2208wttyc1 » Version: N/A
When used together with: Intel » Server System R2208wttyc1r » Version: N/A
When used together with: Intel » Server System R2208wttys » Version: N/A
When used together with: Intel » Server System R2208wttysr » Version: N/A
When used together with: Intel » Server System R2224wttys » Version: N/A
When used together with: Intel » Server System R2224wttysr » Version: N/A
When used together with: Intel » Server System R2308wttys » Version: N/A
When used together with: Intel » Server System R2308wttysr » Version: N/A
When used together with: Intel » Server System R2312wttys » Version: N/A
When used together with: Intel » Server System R2312wttysr » Version: N/A
Intel » Server Board S2600cw
Versions before (<) 1.59
cpe:2.3:o:intel:server_board_s2600cw:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600cw2 » Version: N/A
When used together with: Intel » Server Board S2600cw2r » Version: N/A
When used together with: Intel » Server Board S2600cw2s » Version: N/A
When used together with: Intel » Server Board S2600cw2sr » Version: N/A
When used together with: Intel » Server Board S2600cwt » Version: N/A
When used together with: Intel » Server Board S2600cwtr » Version: N/A
When used together with: Intel » Server Board S2600cwts » Version: N/A
When used together with: Intel » Server Board S2600cwtsr » Version: N/A
Intel » Compute Module Hns2600kp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:compute_module_hns2600kp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Compute Module Hns2600kp » Version: N/A
When used together with: Intel » Compute Module Hns2600kpf » Version: N/A
When used together with: Intel » Compute Module Hns2600kpfr » Version: N/A
When used together with: Intel » Compute Module Hns2600kpr » Version: N/A
Intel » Compute Module Hns2600tp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:compute_module_hns2600tp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Compute Module Hns2600tp » Version: N/A
When used together with: Intel » Compute Module Hns2600tp24r » Version: N/A
When used together with: Intel » Compute Module Hns2600tp24sr » Version: N/A
When used together with: Intel » Compute Module Hns2600tpf » Version: N/A
When used together with: Intel » Compute Module Hns2600tpfr » Version: N/A
When used together with: Intel » Compute Module Hns2600tpr » Version: N/A
Intel » Compute Module S2600tp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:compute_module_s2600tp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600tp » Version: N/A
When used together with: Intel » Server Board S2600tpf » Version: N/A
When used together with: Intel » Server Board S2600tpfr » Version: N/A
When used together with: Intel » Server Board S2600tpr » Version: N/A
Intel » Server System Lr1304sp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_lr1304sp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System Lr1304spcfg1 » Version: N/A
When used together with: Intel » Server System Lr1304spcfg1r » Version: N/A
When used together with: Intel » Server System Lr1304spcfsgx1 » Version: N/A
Intel » Server System Lsvrp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_lsvrp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System Lsvrp4304es6xx1 » Version: N/A
When used together with: Intel » Server System Lsvrp4304es6xxr » Version: N/A
Intel » Server System R1000sp Firmware
Versions before (<) 1.59
cpe:2.3:o:intel:server_system_r1000sp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System R1208sposhor » Version: N/A
When used together with: Intel » Server System R1208sposhorr » Version: N/A
When used together with: Intel » Server System R1304sposhbn » Version: N/A
When used together with: Intel » Server System R1304sposhbnr » Version: N/A
When used together with: Intel » Server System R1304sposhor » Version: N/A
When used together with: Intel » Server System R1304sposhorr » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-8715

EPSS FAQ

0.16%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 34 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-8715

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2020-8715

CWE-763 Release of Invalid Pointer or Reference

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-8715

https://security.netapp.com/advisory/ntap-20200814-0002/

Intel SA-00384 Server Boards, Systems and Compute Module Vulnerabilities in NetApp Products | NetApp Product Security
Third Party Advisory

CVEs referencing this url
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00384.html

Intel-SA-00384
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2020-8715

Products affected by CVE-2020-8715

Exploit prediction scoring system (EPSS) score for CVE-2020-8715

CVSS scores for CVE-2020-8715

CWE ids for CVE-2020-8715

References for CVE-2020-8715