CVSS: 8.2EPSS: 0%CPEs: 568EXPL: 0CVE-2019-11137
https://notcve.org/view.php?id=CVE-2019-11137
Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Una comprobación de entrada insuficiente en el firmware del sistema para Intel® Xeon® Scalable Processors, Intel® Xeon® Processors D Family, Intel® Xeon® Processors E5 v4 Family, Intel® Xeon® Processors E7 v4 Family y Intel® Atom® processor C Series, puede habilitar a un usuario privilegiado para permitir una escalada de privilegios, una denegación de servicio y/o una divulgación de información por medio de un acceso local. • https://support.f5.com/csp/article/K56215245?utm_source=f5support&%3Butm_medium=RSS https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 568EXPL: 0CVE-2019-11136
https://notcve.org/view.php?id=CVE-2019-11136
Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Un control de acceso insuficiente en el firmware del sistema para Intel® Xeon® Scalable Processors, 2nd Generation Intel® Xeon® Scalable Processors y Intel® Xeon® Processors D Family, puede habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios, una denegación de servicio y/o una divulgación de información por medio de un acceso local. • https://support.f5.com/csp/article/K56215245?utm_source=f5support&%3Butm_medium=RSS https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-11996
https://notcve.org/view.php?id=CVE-2019-11996
Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. The vulnerabilities could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.2.0, 4.5.5.0, 5.0.8.0 and 5.1.3.0. Han sido identificadas posibles vulnerabilidades de seguridad con los sistemas HPE Nimble Storage en configuraciones de grupos de múltiples matrices. Las vulnerabilidades podrían ser explotadas por un atacante para obtener privilegios elevados en la matriz. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03964en_us •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-11988
https://notcve.org/view.php?id=CVE-2019-11988
A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager (SUM) earlier than version 8.3.5. Se ha identificado una vulnerabilidad de acceso remoto no autorizado en HPE Smart Update Manager (SUM) en versiones anteriores a 8.3.5. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03922en_us •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11987
https://notcve.org/view.php?id=CVE-2019-11987
A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege. Una vulnerabilidad de seguridad en HPE Smart Update Manager (SUM) en versiones anteriores a la 8.4 podría permitir la escalada local de privilegios no autorizados. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03923en_us •