1. Home
  2. CVE Database
  3. CVE-2023-28376
MEDIUM · 6.5

CVE-2023-28376

Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent ...

Vulnerability Description

Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
IntelEthernet Network Adapter E810-2Cqda2 Firmware< 1.7.1
IntelEthernet Network Adapter E810-2Cqda2-
IntelEthernet Network Adapter E810-Cqda1 Firmware< 1.7.1
IntelEthernet Network Adapter E810-Cqda1-
IntelEthernet Network Adapter E810-Cqda1 For Ocp Firmware< 1.7.1
IntelEthernet Network Adapter E810-Cqda1 For Ocp-
IntelEthernet Network Adapter E810-Cqda1 For Ocp 3.0 Firmware< 1.7.1
IntelEthernet Network Adapter E810-Cqda1 For Ocp 3.0-
IntelEthernet Network Adapter E810-Cqda2 Firmware< 1.7.1
IntelEthernet Network Adapter E810-Cqda2-
IntelEthernet Network Adapter E810-Cqda2 For Ocp 3.0 Firmware< 1.7.1
IntelEthernet Network Adapter E810-Cqda2 For Ocp 3.0-
IntelEthernet Network Adapter E810-Cqda2T Firmware< 1.7.1
IntelEthernet Network Adapter E810-Cqda2T-

Related Weaknesses (CWE)

CWE-125

References

FAQ

What is CVE-2023-28376?

CVE-2023-28376 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent ...

How severe is CVE-2023-28376?

CVE-2023-28376 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-28376?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Ethernet Network Adapter E810-2Cqda2 Firmware, Intel Ethernet Network Adapter E810-2Cqda2, Intel Ethernet Network Adapter E810-Cqda1 Firmware, Intel Ethernet Network Adapter E810-Cqda1, Intel Ethernet Network Adapter E810-Cqda1 For Ocp Firmware.