CVE-2018-3682

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2018-3682
BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

8.2 /10

CVSS v3 : HIGH

V3 Legend

Vector : AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability : 1.5 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00130.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00130.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:bmc_firmware:-:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:bbs2600bpb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bpq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600bps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600stb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs2600stq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs7200ap:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:bbs7200apl:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:dbs2600cw2r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:dbs2600cw2sr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:dbs2600cwtr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:dbs2600cwtsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpb24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpblc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bpq24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600bps24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600kpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600kpr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600tp24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600tp24sr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600tp24str:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600tpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600tpnr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns2600tpr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns7200ap:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns7200apl:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns7200apr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:hns7200aprl:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wt2gsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wttgsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wt2gsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wttgsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wt2ysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wttyc1r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2308wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600kpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600kpr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600kptr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600stb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600stq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600tpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600tpnr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600tpr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600tptr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wfo:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wt2r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wttr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wtts1r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s7200apr:-:*:*:*:*:*:*:*
History

21 Nov 2024, 04:05

Type Values Removed Values Added
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00130.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00130.html - Vendor Advisory
Information

Published : 2018-07-10 21:29

Updated : 2024-11-21 04:05

NVD link : CVE-2018-3682

Mitre link : CVE-2018-3682

CVE.ORG link : CVE-2018-3682

JSON object : View

Products Affected

intel

  • hns2600bpblc
  • hns2600bpb24
  • s2600wft
  • r1208wt2gsr
  • hns2600tp24sr
  • hns2600kpr
  • r1304wttgsr
  • hns7200apr
  • dbs2600cwtsr
  • r1304wt2gsr
  • hns7200aprl
  • r2208wftzs
  • hns2600tp24r
  • r2308wttysr
  • r2312wfqzs
  • s2600wttr
  • r2312wttysr
  • s2600wfo
  • bmc_firmware
  • hns2600bpq24
  • hns2600tpfr
  • r2308wftzs
  • hns2600tpnr
  • r1304wf0ys
  • hns2600bpq
  • s2600kpfr
  • s2600wfq
  • r1208wttgsr
  • s2600tpnr
  • hns2600bpblc24
  • dbs2600cw2r
  • hns7200ap
  • dbs2600cw2sr
  • r2208wttyc1r
  • r1304wftys
  • bbs7200ap
  • r2208wfqzs
  • bbs2600bpb
  • r2208wt2ysr
  • dbs2600cwtr
  • r2312wftzs
  • r2208wf0zs
  • s2600wt2r
  • s2600stb
  • bbs2600bps
  • hns2600tpr
  • r2224wftzs
  • s2600kptr
  • s2600wtts1r
  • r1208wftys
  • bbs2600stb
  • hns2600bps
  • s2600stq
  • r2312wf0np
  • bbs2600stq
  • s2600tpr
  • hns2600tp24str
  • hns2600kpfr
  • hns7200apl
  • r2224wttysr
  • r2208wttysr
  • s2600kpr
  • bbs2600bpq
  • s2600tpfr
  • bbs7200apl
  • hns2600bps24
  • s7200apr
  • hns2600bpb
  • r2224wfqzs
  • s2600tptr
CWE
CWE-269

Improper Privilege Management