CVE-2022-29493

CWE-755 — Improper Exception Handling3 documents3 sources

Severity

4.9MEDIUM

EPSS

0.3%

top 46.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Baseboard Management Controller Firmware

Timeline

PublishedFeb 16

Description

Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:HExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

▶NVDintel/baseboard_management_controller_firmware< 2.86+2

▶CVEListV5integrated_bmcbefore versions 2.86, 2.09 and 2.78

🔴Vulnerability Details

CVEList

CVE-2022-29493: Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2↗2023-02-16

▶

GHSA

GHSA-6c4v-m93p-5c6v: Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2↗2023-02-16

▶