CVE Vulnerabilities

CVE-2018-12172

Published: Oct 10, 2018 | Modified: Oct 03, 2019

CVSS 3.x

5.5

MEDIUM

Source:

NVD

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS 2.x

2.1 LOW

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-12172
CWE	https://cwe.mitre.org/data/definitions/.html

Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords via local access.

Affected Software

Name	Vendor	Start Version	End Version
S7200ap_firmware	Intel	r01.03.0018 (including)	r01.03.0018 (including)

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00138.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.