CVE-2018-3616
 
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
Vulnerabilidad de canal lateral estilo Bleichenbacher en la implementación TLS en Intel Active Management Technology en versiones anteriores a la 12.0.5 podría permitir que un usuario sin autenticar obtenga la clave de sesión TLS por red.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-12-28 CVE Reserved
- 2018-09-12 CVE Published
- 2024-04-30 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/106996 | Third Party Advisory | |
https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 | Third Party Advisory | |
https://security.netapp.com/advisory/ntap-20180924-0003 | Third Party Advisory | |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf | 2023-08-17 |
URL | Date | SRC |
---|---|---|
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html | 2023-08-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | Simatic Field Pg M5 Firmware Search vendor "Siemens" for product "Simatic Field Pg M5 Firmware" | < 22.01.06 Search vendor "Siemens" for product "Simatic Field Pg M5 Firmware" and version " < 22.01.06" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Field Pg M5 Search vendor "Siemens" for product "Simatic Field Pg M5" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc427e Firmware Search vendor "Siemens" for product "Simatic Ipc427e Firmware" | < 21.01.09 Search vendor "Siemens" for product "Simatic Ipc427e Firmware" and version " < 21.01.09" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc427e Search vendor "Siemens" for product "Simatic Ipc427e" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc477e Firmware Search vendor "Siemens" for product "Simatic Ipc477e Firmware" | < 21.01.09 Search vendor "Siemens" for product "Simatic Ipc477e Firmware" and version " < 21.01.09" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc477e Search vendor "Siemens" for product "Simatic Ipc477e" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc547e Firmware Search vendor "Siemens" for product "Simatic Ipc547e Firmware" | < r1.30.0 Search vendor "Siemens" for product "Simatic Ipc547e Firmware" and version " < r1.30.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pc547e Search vendor "Siemens" for product "Simatic Pc547e" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Pc547g Firmware Search vendor "Siemens" for product "Simatic Pc547g Firmware" | < r1.23.0 Search vendor "Siemens" for product "Simatic Pc547g Firmware" and version " < r1.23.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc547g Search vendor "Siemens" for product "Simatic Ipc547g" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc627d Firmware Search vendor "Siemens" for product "Simatic Ipc627d Firmware" | < 19.02.11 Search vendor "Siemens" for product "Simatic Ipc627d Firmware" and version " < 19.02.11" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc627d Search vendor "Siemens" for product "Simatic Ipc627d" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc647d Firmware Search vendor "Siemens" for product "Simatic Ipc647d Firmware" | < 19.01.14 Search vendor "Siemens" for product "Simatic Ipc647d Firmware" and version " < 19.01.14" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc647d Search vendor "Siemens" for product "Simatic Ipc647d" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc677d Firmware Search vendor "Siemens" for product "Simatic Ipc677d Firmware" | < 19.02.11 Search vendor "Siemens" for product "Simatic Ipc677d Firmware" and version " < 19.02.11" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc677d Search vendor "Siemens" for product "Simatic Ipc677d" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc827d Firmware Search vendor "Siemens" for product "Simatic Ipc827d Firmware" | < 19.02.11 Search vendor "Siemens" for product "Simatic Ipc827d Firmware" and version " < 19.02.11" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc827d Search vendor "Siemens" for product "Simatic Ipc827d" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Ipc847d Firmware Search vendor "Siemens" for product "Simatic Ipc847d Firmware" | < 19.01.14 Search vendor "Siemens" for product "Simatic Ipc847d Firmware" and version " < 19.01.14" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Ipc847d Search vendor "Siemens" for product "Simatic Ipc847d" | - | - |
Safe
|
Siemens Search vendor "Siemens" | Simatic Itp1000 Firmware Search vendor "Siemens" for product "Simatic Itp1000 Firmware" | < 23.01.04 Search vendor "Siemens" for product "Simatic Itp1000 Firmware" and version " < 23.01.04" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Itp1000 Search vendor "Siemens" for product "Simatic Itp1000" | - | - |
Safe
|
Intel Search vendor "Intel" | Converged Security Management Engine Firmware Search vendor "Intel" for product "Converged Security Management Engine Firmware" | >= 11.0.0 < 12.0.5 Search vendor "Intel" for product "Converged Security Management Engine Firmware" and version " >= 11.0.0 < 12.0.5" | - |
Affected
| ||||||
Intel Search vendor "Intel" | Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware" | < 12.0.5 Search vendor "Intel" for product "Active Management Technology Firmware" and version " < 12.0.5" | - |
Affected
| ||||||
Intel Search vendor "Intel" | Manageability Engine Firmware Search vendor "Intel" for product "Manageability Engine Firmware" | >= 9.0.0.0 < 11.0 Search vendor "Intel" for product "Manageability Engine Firmware" and version " >= 9.0.0.0 < 11.0" | - |
Affected
|