CVE-2018-12204
https://notcve.org/view.php?id=CVE-2018-12204
Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow privileged user to potentially enable an escalation of privilege via local access. La inicialización inadecuada en Platform Sample/Silicon Reference firmware Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module) puede permitir que el usuario privilegiado habilite potencialmente una escalada de privilegios a través del acceso local. • https://security.netapp.com/advisory/ntap-20190318-0002 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03929en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03978en_us https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html • CWE-665: Improper Initialization •
CVE-2018-12172
https://notcve.org/view.php?id=CVE-2018-12172
Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords via local access. Hasheo de contraseñas incorrecto en el firmware en Intel Server Board (S7200AP, S7200APR) e Intel Compute Module (HNS7200AP, HNS7200AP) podría permitir que un usuario privilegiado divulgue contraseñas del firmware mediante acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00138.html •
CVE-2018-3682
https://notcve.org/view.php?id=CVE-2018-3682
BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. El firmware BMC en las placas para servidores, los módulos de computación y los sistemas Intel podrían permitir que un atacante con privilegios administrativos realice lecturas/escrituras no autorizadas al SMBUS. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00130.html • CWE-269: Improper Privilege Management •