Netapp Solidfire_bios
16 CVEs affecting Netapp Solidfire_bios. Latest disclosed: 2022-02-09. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-12360 | High | 7.8 | 2021-06-09 | Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. |
CVE-2020-8739 | High | 7.8 | 2020-11-12 | Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable esc… |
CVE-2020-12359 | Medium | 6.8 | 2021-06-09 | Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privile… |
CVE-2020-8700 | Medium | 6.7 | 2021-06-09 | Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local acce… |
CVE-2020-12357 | Medium | 6.7 | 2021-06-09 | Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
CVE-2020-8764 | Medium | 6.7 | 2020-11-12 | Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local acces… |
CVE-2020-8740 | Medium | 6.7 | 2020-11-12 | Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege v… |
CVE-2020-8738 | Medium | 6.7 | 2020-11-12 | Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation o… |
CVE-2021-0060 | Medium | 6.6 | 2022-02-09 | Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, S… |
CVE-2020-24511 | Medium | 6.5 | 2021-06-09 | Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local acces… |
CVE-2020-8670 | Medium | 6.4 | 2021-06-09 | Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
CVE-2020-24486 | Medium | 5.5 | 2021-06-09 | Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. |
CVE-2020-8698 | Medium | 5.5 | 2020-11-12 | Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local acces… |
CVE-2020-8696 | Medium | 5.5 | 2020-11-12 | Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable informat… |
CVE-2020-12358 | Medium | 4.4 | 2021-06-09 | Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. |
CVE-2020-24512 | Low | 3.3 | 2021-06-09 | Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |