← Back to CVEs
CVE-2018-3616
MEDIUM5.9
Description
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
CVE Details
CVSS v3.1 Score5.9
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredNONE
User InteractionNONE
Published9/12/2018
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
intel:active_management_technology_firmwareintel:converged_security_management_engine_firmwareintel:manageability_engine_firmwaresiemens:simatic_field_pg_m5siemens:simatic_field_pg_m5_firmwaresiemens:simatic_ipc427esiemens:simatic_ipc427e_firmwaresiemens:simatic_ipc477esiemens:simatic_ipc477e_firmwaresiemens:simatic_ipc547e_firmwaresiemens:simatic_ipc547gsiemens:simatic_ipc627dsiemens:simatic_ipc627d_firmwaresiemens:simatic_ipc647dsiemens:simatic_ipc647d_firmwaresiemens:simatic_ipc677dsiemens:simatic_ipc677d_firmwaresiemens:simatic_ipc827dsiemens:simatic_ipc827d_firmwaresiemens:simatic_ipc847dsiemens:simatic_ipc847d_firmwaresiemens:simatic_itp1000siemens:simatic_itp1000_firmwaresiemens:simatic_pc547esiemens:simatic_pc547g_firmware
References
http://www.securityfocus.com/bid/106996(secure@intel.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf(secure@intel.com)
https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05(secure@intel.com)
https://security.netapp.com/advisory/ntap-20180924-0003/(secure@intel.com)
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us(secure@intel.com)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html(secure@intel.com)
http://www.securityfocus.com/bid/106996(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20180924-0003/(af854a3a-2127-422b-91ae-364da2661108)
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us(af854a3a-2127-422b-91ae-364da2661108)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.