CVE-2019-11109Intel Server Platform Services Firmware vulnerability

3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 72.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Intel Server Platform Services FirmwareF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall Manager+9 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages12 packages

NVDintel/server_platform_services_firmwaresps_e5_04.00.00.000.0sps_e5_04.01.04.275.0+2
NVDf5/big-ip_access_policy_manager11.5.211.6.5+4
NVDf5/big-ip_local_traffic_manager11.5.211.6.5+4
NVDf5/big-ip_fraud_protection_service11.5.211.6.5+3
NVDf5/big-ip_analytics11.5.211.6.5+4

🔴Vulnerability Details

2
GHSA
GHSA-9cxw-fmwg-5p6f: Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_042022-05-24
CVEList
CVE-2019-11109: Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_042019-12-18
CVE-2019-11109 — Intel vulnerability | cvebase