Server Board S2600Wt Firmware
CVE-2020-8723
MEDIUM
Severity by source
AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionNVD
Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
AnalysisAI
Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Affected products include: Intel Server Board S2600Wt Firmware, Intel Server System R1000Wt Firmware, Intel Server System R2000Wt Firmware, Intel Server Board S2600Cw, Intel Compute Module Hns2600Kp Firmware. Version information: version 1.59.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before ve
Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute
Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 m
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allo
Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before ve
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allo
Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may al
Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 m
Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may al
Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today