CVE-2019-11168
Severity
9.1CRITICAL
EPSS
1.0%
top 22.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 14
Latest updateMay 24
Description
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-c673-wfh5-4255: Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable informati↗2022-05-24
CVEList▶
CVE-2019-11168: Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable informati↗2019-11-14