1. Home
  2. CVE Database
  3. CVE-2022-29494
MEDIUM · 6.5

CVE-2022-29494

Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via netw...

Vulnerability Description

Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
IntelOpenbmc< wht-1.01-61_0.72
IntelC621A-
IntelC627A-
IntelC629A-
IntelXeon Gold 5315Y-
IntelXeon Gold 5317-
IntelXeon Gold 5318H-
IntelXeon Gold 5318N-
IntelXeon Gold 5318S-
IntelXeon Gold 5318Y-
IntelXeon Gold 5320-
IntelXeon Gold 5320H-
IntelXeon Gold 5320T-
IntelXeon Gold 6312U-
IntelXeon Gold 6314U-
IntelXeon Gold 6326-
IntelXeon Gold 6328H-
IntelXeon Gold 6328Hl-
IntelXeon Gold 6330-
IntelXeon Gold 6330H-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2022-29494?

CVE-2022-29494 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via netw...

How severe is CVE-2022-29494?

CVE-2022-29494 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-29494?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Openbmc, Intel C621A, Intel C627A, Intel C629A, Intel Xeon Gold 5315Y.