What is the vulnerability ID of this vulnerability?

The vulnerability ID is CVE-2020-8674.

What is the severity of CVE-2020-8674?

The severity of CVE-2020-8674 is medium with a severity value of 5.3.

Which software versions are affected by CVE-2020-8674?

Intel Active Management Technology Firmware versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, and 14.0.33, as well as Intel Service Manager versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, and 14.0.33 are affected by CVE-2020-8674.

How can an unauthenticated user potentially exploit CVE-2020-8674?

An unauthenticated user may exploit CVE-2020-8674 to potentially enable information disclosure via network access.

Where can I find more information about CVE-2020-8674?

You can find more information about CVE-2020-8674 on the following references: https://security.netapp.com/advisory/ntap-20200611-0007/, https://support.lenovo.com/de/en/product_security/len-30041, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html

Vulnerability/
CVE-2020-8674

medium

5.3

CWE

125

15/6/2020

4/8/2024

CVE-2020-8674

First published: Mon Jun 15 2020(Updated: )

Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
Intel Active Management Technology Firmware	>=11.0<11.8.77
Intel Active Management Technology Firmware	>=11.10<11.12.77
Intel Active Management Technology Firmware	>=11.20<11.22.77
Intel Active Management Technology Firmware	>=12.0<12.0.64
Intel Active Management Technology Firmware	>=14.0<14.0.33
Intel Service Manager	>=11.0<11.8.77
Intel Service Manager	>=11.10<11.12.77
Intel Service Manager	>=11.20<11.22.77
Intel Service Manager	>=12.0<12.0.64
Intel Service Manager	>=14.0<14.0.33

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2020-8674.
What is the severity of CVE-2020-8674?
The severity of CVE-2020-8674 is medium with a severity value of 5.3.
Which software versions are affected by CVE-2020-8674?
Intel Active Management Technology Firmware versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, and 14.0.33, as well as Intel Service Manager versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, and 14.0.33 are affected by CVE-2020-8674.
How can an unauthenticated user potentially exploit CVE-2020-8674?
An unauthenticated user may exploit CVE-2020-8674 to potentially enable information disclosure via network access.
Where can I find more information about CVE-2020-8674?
You can find more information about CVE-2020-8674 on the following references: https://security.netapp.com/advisory/ntap-20200611-0007/, https://support.lenovo.com/de/en/product_security/len-30041, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html

collector/nvd-index
agent/weakness
agent/severity
agent/references
agent/author
agent/event
agent/type
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/intel
canonical/intel active management technology firmware
version/intel active management technology firmware/11.0
version/intel active management technology firmware/11.10
version/intel active management technology firmware/11.20
version/intel active management technology firmware/12.0
version/intel active management technology firmware/14.0
canonical/intel service manager
version/intel service manager/11.0
version/intel service manager/11.10
version/intel service manager/11.20
version/intel service manager/12.0
version/intel service manager/14.0