National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2018-12191

Change History

Initial Analysis - 3/15/2019 1:46:46 PM

Action Type Old Value New Value
Changed Reference Type
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html No Types Assigned
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html Vendor Advisory
Added CWE
CWE-264
Added CVSS V2
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3
AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:* versions from (including) 11.0 up to (excluding) 11.8.60
     *cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:* versions from (including) 11.10 up to (excluding) 11.11.60
     *cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:* versions from (including) 11.20 up to (excluding) 11.22.60
     *cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (excluding) 12.0.20
     *cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:* versions from (including) sps_4.00.04.367 up to (excluding) sps_4.00.04.383
     *cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:* versions from (including) sps_4.01.00.152.0 up to (excluding) sps_4.01.02.174
     *cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:* versions from (including) 3.0 up to (excluding) 3.1.60
     *cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:* versions from (including) 4.0 up to (excluding) 4.0.10