Page 7 of 42 results (0.012 seconds)

CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0

Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access. Una vulnerabilidad de tipo cross site scripting en el subsistema para Intel(R) AMT versiones anteriores a 11.8.70, 11.11.70, 11.22.70 y 12.0.45, puede permitir a un usuario privilegiado habilitar una escalada de privilegios por medio de un acceso de red. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access. Validación de entradas insuficiente en Intel(R) Active Management Technology (Intel(R) AMT), en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20, podría permitir que un usuario no autenticado pueda provocar una denegación de servicio mediante acceso de red. • https://security.netapp.com/advisory/ntap-20190318-0001 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 25EXPL: 0

Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. Múltiples desbordamientos de búfer en Intel AMT en el firmware Intel CSME en versiones anteriores a la 12.0.5 podrían permitir que un usuario privilegiado ejecute código arbitrario con privilegios de ejecución AMT mediante acceso local. • http://www.securityfocus.com/bid/106996 https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 https://security.netapp.com/advisory/ntap-20180924-0003 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.9EPSS: 0%CPEs: 25EXPL: 0

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. Vulnerabilidad de canal lateral estilo Bleichenbacher en la implementación TLS en Intel Active Management Technology en versiones anteriores a la 12.0.5 podría permitir que un usuario sin autenticar obtenga la clave de sesión TLS por red. • http://www.securityfocus.com/bid/106996 https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 https://security.netapp.com/advisory/ntap-20180924-0003 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html •

CVSS: 5.3EPSS: 0%CPEs: 25EXPL: 0

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. Múltiples desbordamientos de búfer en Intel AMT en el firmware Intel CSME en versiones anteriores a la 12.0.5 podrían permitir que un usuario no autenticado con Intel AMT provisionado provoque una denegación de servicio (DoS) parcial mediante acceso de red. • http://www.securityfocus.com/bid/106996 https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 https://security.netapp.com/advisory/ntap-20180924-0003 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html • CWE-772: Missing Release of Resource after Effective Lifetime •