{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32280", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2023-06-09T03:00:03.497Z", "datePublished": "2024-02-14T13:37:51.570Z", "dateUpdated": "2024-08-14T17:50:42.293Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2024-02-14T13:37:51.570Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "information disclosure"}, {"lang": "en", "description": "Insufficiently protected credentials", "cweId": "CWE-522", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) Server Product OpenBMC firmware", "versions": [{"version": "before versions egs-1.05", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access."}], "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:24.422Z"}, "title": "CVE Program Container", "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "intel", "product": "eagle_stream", "cpes": ["cpe:2.3:h:intel:eagle_stream:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "egs-1.05", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-14T17:49:01.014917Z", "id": "CVE-2023-32280", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T17:50:42.293Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:24.422Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-32280", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-14T17:49:01.014917Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:intel:eagle_stream:-:*:*:*:*:*:*:*"], "vendor": "intel", "product": "eagle_stream", "versions": [{"status": "affected", "version": "0", "lessThan": "egs-1.05", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T17:50:36.417Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) Server Product OpenBMC firmware", "versions": [{"status": "affected", "version": "before versions egs-1.05"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"}], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "information disclosure"}, {"lang": "en", "type": "CWE", "cweId": "CWE-522", "description": "Insufficiently protected credentials"}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2024-02-14T13:37:51.570Z"}}}, "cveMetadata": {"cveId": "CVE-2023-32280", "state": "PUBLISHED", "dateUpdated": "2024-08-14T17:50:42.293Z", "dateReserved": "2023-06-09T03:00:03.497Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2024-02-14T13:37:51.570Z", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:openbmc:*:*:*:*:*:*:*:*", "matchCriteriaId": "F87E51DF-77BB-4CF2-A978-057D2C066CD1", "versionEndExcluding": "egs-1.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:xeon_bronze_3408u:-:*:*:*:*:*:*:*", "matchCriteriaId": "09E7DE0D-42DB-4F10-930B-A0129CC27CAC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5403n:-:*:*:*:*:*:*:*", "matchCriteriaId": "562820DC-1CB4-4063-ACF0-00FE0A9B2E75", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5411n:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EDBC632-F76D-4E3A-9A0E-8BE1DB5A0DDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5412u:-:*:*:*:*:*:*:*", "matchCriteriaId": "316A237D-7975-453E-B92C-896F6364E2F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5415\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE27B5E7-7F00-4A27-B2C5-E66DE71AEF08", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5416s:-:*:*:*:*:*:*:*", "matchCriteriaId": "C14795D9-BC55-417A-8D90-661AA6D1391A", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5418n:-:*:*:*:*:*:*:*", "matchCriteriaId": "9951E153-870C-4DC3-BFFB-4B870DA63AC9", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5418y:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E65EAAF-AD3E-4466-99F1-972CFB59D077", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5420\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FBB4E2C-DFCE-4B95-9817-A2E0C4A8997F", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5423n:-:*:*:*:*:*:*:*", "matchCriteriaId": "48A09287-D982-4AE6-B82E-BB772F384A84", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_5433n:-:*:*:*:*:*:*:*", "matchCriteriaId": "151E7C53-F9DA-47DD-828A-34A0740F5EF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6403n:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8DD9CF9-6A89-4538-B95B-6464914430DC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6414u:-:*:*:*:*:*:*:*", "matchCriteriaId": "05CF326D-3CE1-4270-B8E7-CE9A2A2A4409", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6416h:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D24053A-FFD8-4BD8-8676-7CC117A4185F", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6418h:-:*:*:*:*:*:*:*", "matchCriteriaId": "94721676-CD1A-4056-BEBF-1523C3CE2A30", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6421n:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B4C7008-1E66-4FBD-A197-DFDF4C38FFE3", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6423n:-:*:*:*:*:*:*:*", "matchCriteriaId": "76A41E6F-3874-4137-B80F-E6C0A839BCCC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6426y:-:*:*:*:*:*:*:*", "matchCriteriaId": "4286B9B8-B329-4342-A8C3-AC9A85B6478F", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6428n:-:*:*:*:*:*:*:*", "matchCriteriaId": "975E43D4-B152-44A3-A64A-C9FCC37240B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6430:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB6EA88D-45EB-419A-8ED0-4B32A1846DD6", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6433n:-:*:*:*:*:*:*:*", "matchCriteriaId": "003A0C42-8D2E-462F-9709-2A8C26D98247", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6433ne:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF8F1C3A-64B1-44A8-97BD-8E915FB84B9F", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6434:-:*:*:*:*:*:*:*", "matchCriteriaId": "204B416D-B75B-4A44-8D37-8C6B84B77EF3", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6434h:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE8AEBC9-4A10-4D1F-B267-C9549521DDC8", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6438m:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D150604-EF92-464A-9DA9-8F07DEA7EA7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6438n:-:*:*:*:*:*:*:*", "matchCriteriaId": "025106B8-53E0-485E-9009-0DA23D65F556", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6438y\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "20643FF8-CC86-4B1F-A230-BF634E676F0E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6442y:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8CC5990-41FB-49A8-81C9-6A94A17FCBBE", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6443n:-:*:*:*:*:*:*:*", "matchCriteriaId": "337887FE-6938-4AB8-AE5A-10CAEFC7C350", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6444y:-:*:*:*:*:*:*:*", "matchCriteriaId": "60E9D7F4-5854-4900-BECD-0E55504719AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6448h:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1EC68B2-902A-400D-B473-6C01733C71CD", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6448y:-:*:*:*:*:*:*:*", "matchCriteriaId": "63140392-AA9E-43C1-8594-42E8B41C33CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6454s:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC71C847-8E80-4D85-823F-4567AF62D841", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_gold_6458q:-:*:*:*:*:*:*:*", "matchCriteriaId": "71CFAFD6-4111-48FD-8DB1-81CB64F2958C", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8444h:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC500965-35C1-4747-818C-44E4D8FA2CD5", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8450h:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A79B597-104B-4869-8FD2-DC64876E746A", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8452y:-:*:*:*:*:*:*:*", "matchCriteriaId": "C528F941-F391-4B0F-85EA-71A1E039F3EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8454h:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF9A4BED-EFBA-4565-AF8D-ECBDF5934E2C", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8458p:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED46098F-38C6-48CF-8BED-41423A6A4531", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8460h:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFD8A966-382A-4737-B56F-59D68831B501", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8460y\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CCC2770-7DAE-41E9-A28F-FA742108174E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8461v:-:*:*:*:*:*:*:*", "matchCriteriaId": "FFE9690A-18D5-421A-B9B1-FD3FD6F5BB6E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8462y\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "336A6519-66D9-4F2A-9597-39BAD742129E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8468:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1F65118-E8A7-44F1-A882-8B5E9C7E3C72", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8468h:-:*:*:*:*:*:*:*", "matchCriteriaId": "0004ECE3-BECD-4E60-BE35-23DDAD1758FF", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8468v:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB861F62-6FA8-498A-B882-6E30814C15DC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8470:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD61523A-0CF0-4416-AC53-26F0415FA462", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8470n:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC3448FA-4298-45EE-BA58-3202C5851540", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8471n:-:*:*:*:*:*:*:*", "matchCriteriaId": "569AE756-7CEC-44D7-9D4C-F1AE534F58DB", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8480\\+:-:*:*:*:*:*:*:*", "matchCriteriaId": "BCDFD394-1E5A-44AF-AB7F-610FBE69102A", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_platinum_8490h:-:*:*:*:*:*:*:*", "matchCriteriaId": "73363441-FC21-4183-89CE-5F52BE8EAEBC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_silver_4410t:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A3B836B-2636-4015-9F64-6272E888A133", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:xeon_silver_4410y:-:*:*:*:*:*:*:*", "matchCriteriaId": "16968277-3B4A-4B98-944A-4FFA6FAA7FAF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access."}, {"lang": "es", "value": "Las credenciales insuficientemente protegidas en algunos firmware OpenBMC de productos de servidor Intel(R) anteriores a las versiones egs-1.05 pueden permitir que un usuario no autenticado habilite la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso a la red."}], "id": "CVE-2023-32280", "lastModified": "2026-01-14T18:26:21.277", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "secure@intel.com", "type": "Secondary"}]}, "published": "2024-02-14T14:15:50.687", "references": [{"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00922.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "secure@intel.com", "type": "Secondary"}]}

{}

{}