1. Home
  2. CVE Database
  3. CVE-2020-12376
MEDIUM · 5.5

CVE-2020-12376

Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclos...

Vulnerability Description

Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IntelBmc Firmware< 2.47
IntelHns2600Bpb-
IntelHns2600Bpb24-
IntelHns2600Bpb24R-
IntelHns2600Bpblc-
IntelHns2600Bpblc24-
IntelHns2600Bpblc24R-
IntelHns2600Bpbr-
IntelHns2600Bpq-
IntelHns2600Bpq24-
IntelHns2600Bpq24R-
IntelHns2600Bpqr-
IntelHns2600Bps-
IntelHns2600Bps24-
IntelHns2600Bps24R-
IntelHns2600Bpsr-
IntelR1000Wf-
IntelR1208Wfqysr-
IntelR1208Wftys-
IntelR1208Wftysr-

Related Weaknesses (CWE)

CWE-798

References

FAQ

What is CVE-2020-12376?

CVE-2020-12376 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclos...

How severe is CVE-2020-12376?

CVE-2020-12376 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-12376?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Bmc Firmware, Intel Hns2600Bpb, Intel Hns2600Bpb24, Intel Hns2600Bpb24R, Intel Hns2600Bpblc.