CVE-2018-3627

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.2 HIGH
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
netappelement_software_management_node
-
𝑥
= Vulnerable software versions
References
https://security.netapp.com/advisory/ntap-20190327-0006/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html
https://security.netapp.com/advisory/ntap-20190327-0006/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html