CVE-2020-8674
Summary
| CVE | CVE-2020-8674 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-06-15 14:15:00 UTC |
| Updated | 2021-03-18 13:15:00 UTC |
| Description | Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Intel | Active Management Technology Firmware | All | All | All | All |
| Operating System | Intel | Active Management Technology Firmware | All | All | All | All |
| Application | Intel | Service Manager | All | All | All | All |
| Application | Intel | Service Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| INTEL-SA-00295 | MISC | www.intel.com | Vendor Advisory |
| Synology Inc. | CONFIRM | www.synology.com | Third Party Advisory |
| Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support DE | MISC | support.lenovo.com | |
| Intel SA-00295 AMT Vulnerabilities in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| VU#257161 - Treck IP stacks contain multiple vulnerabilities | CERT-VN | www.kb.cert.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.