CVE-2018-3627

EUVD-2018-15481
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.2 HIGH
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
intelconverged_security_management_engine_firmware
11.0
netappelement_software_management_node
-
𝑥
= Vulnerable software versions
References
https://security.netapp.com/advisory/ntap-20190327-0006/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html
https://security.netapp.com/advisory/ntap-20190327-0006/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html