QwikSec

Security Database

CVE

CWE

Training

CVE-2019-11137

Published: Nov 14, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Vendor	Product	Versions
n/a	2019.2 IPU – UEFI	affected `See provided reference`

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html

x_refsource_MISC

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us

x_refsource_CONFIRM

https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.