1. Home
  2. CVE Database
  3. CVE-2018-12204
MEDIUM · 6.7

CVE-2018-12204

Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow privileged user to potentially enable a...

Vulnerability Description

Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow privileged user to potentially enable an escalation of privilege via local access.

CVSS Score

6.7

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IntelPlatform Sample Firmware-
IntelBbs2600Bpb-
IntelBbs2600Bpq-
IntelBbs2600Bps-
IntelBbs2600Stb-
IntelBbs2600Stq-
IntelBbs7200Ap-
IntelBbs7200Apl-
IntelDbs2600Cw2R-
IntelDbs2600Cw2Sr-
IntelDbs2600Cwtr-
IntelDbs2600Cwtsr-
IntelHns2600Bpb-
IntelHns2600Bpb24-
IntelHns2600Bpblc-
IntelHns2600Bpblc24-
IntelHns2600Bpq-
IntelHns2600Bpq24-
IntelHns2600Bps-
IntelHns2600Bps24-

Related Weaknesses (CWE)

CWE-665

References

FAQ

What is CVE-2018-12204?

CVE-2018-12204 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow privileged user to potentially enable a...

How severe is CVE-2018-12204?

CVE-2018-12204 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-12204?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Platform Sample Firmware, Intel Bbs2600Bpb, Intel Bbs2600Bpq, Intel Bbs2600Bps, Intel Bbs2600Stb.