CVE-2019-16863 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 49%

Vendor	Product	Version
st	st33tphf2espi_firmware	71.0
st	st33tphf2espi_firmware	71.4
st	st33tphf2espi_firmware	71.12
st	st33tphf2espi_firmware	73.0
st	st33tphf2espi_firmware	73.4
st	st33tphf2espi_firmware	73.8
st	st33tphf2ei2c_firmware	73.5
st	st33tphf2ei2c_firmware	73.9
st	st33tphf20spi_firmware	74.0
st	st33tphf20spi_firmware	74.4
st	st33tphf20spi_firmware	74.8
st	st33tphf20spi_firmware	74.16
st	st33tphf20i2c_firmware	74.5
st	st33tphf20i2c_firmware	74.9

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-203 - Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

References

http://tpm.fail

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190024

https://support.f5.com/csp/article/K32412503?utm_source=f5support&amp%3Butm_medium=RSS

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03972en_us

https://support.lenovo.com/us/en/product_security/LEN-29406

https://www.st.com/content/st_com/en/campaigns/tpm-update.html

http://tpm.fail

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190024

https://support.f5.com/csp/article/K32412503?utm_source=f5support&amp%3Butm_medium=RSS

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03972en_us

https://support.lenovo.com/us/en/product_security/LEN-29406

https://www.st.com/content/st_com/en/campaigns/tpm-update.html