CVE-2022-29493

EUVD-2022-33831
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
intelCNA
4.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
intelbaseboard_management_controller_firmware
𝑥
< 2.86
intelbaseboard_management_controller_firmware
𝑥
< 2.09
intelbaseboard_management_controller_firmware
𝑥
< 2.81
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html