CVE-2018-3628

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
intelactive_management_technology_firmware
3.0 ≤
𝑥
≤ 11.22.70
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1041362
https://security.netapp.com/advisory/ntap-20190327-0001/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
http://www.securitytracker.com/id/1041362
https://security.netapp.com/advisory/ntap-20190327-0001/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html