CVE-2018-12187

Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
intelactive_management_technology_firmware
11.0 ≤
𝑥
< 11.8.60
intelactive_management_technology_firmware
11.10 ≤
𝑥
< 11.11.60
intelactive_management_technology_firmware
11.20 ≤
𝑥
< 11.22.60
intelactive_management_technology_firmware
12.0.0 ≤
𝑥
< 12.0.20
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20190318-0001/
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html
https://security.netapp.com/advisory/ntap-20190318-0001/
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html