CVE-2019-0089

CWE-193 documents3 sources
Severity
6.7MEDIUM
EPSS
0.1%
top 82.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Server Platform Services
Timeline
PublishedMay 17
Latest updateMay 24

Description

Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDintel/server_platform_services< sps_e5_04.00.04.381.0+3
CVEListV5intel(r)_server_platform_services_(sps)Versions before SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0.

🔴Vulnerability Details

2
GHSA
GHSA-w6pc-fvcc-hjc2: Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_042022-05-24
CVEList
CVE-2019-0089: Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_042019-05-17
CVE-2019-0089 (MEDIUM CVSS 6.7) | Improper data sanitization vulnerab | cvebase.io