CVE-2018-3616

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_pc547e:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:simatic_pc547g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:05

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/106996 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106996 - Third Party Advisory, VDB Entry
References () https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf - Patch, Third Party Advisory () https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf - Patch, Third Party Advisory
References () https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 - Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 - Third Party Advisory, US Government Resource
References () https://security.netapp.com/advisory/ntap-20180924-0003/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20180924-0003/ - Third Party Advisory
References () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us - Third Party Advisory () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us - Third Party Advisory
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html - Vendor Advisory

17 Aug 2023, 17:43

Type Values Removed Values Added
First Time Intel manageability Engine Firmware
Intel active Management Technology Firmware
CPE cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*

Information

Published : 2018-09-12 19:29

Updated : 2024-11-21 04:05


NVD link : CVE-2018-3616

Mitre link : CVE-2018-3616

CVE.ORG link : CVE-2018-3616


JSON object : View

Products Affected

siemens

  • simatic_ipc427e
  • simatic_ipc627d_firmware
  • simatic_ipc477e
  • simatic_field_pg_m5
  • simatic_ipc827d_firmware
  • simatic_itp1000_firmware
  • simatic_pc547e
  • simatic_ipc647d_firmware
  • simatic_itp1000
  • simatic_ipc547g
  • simatic_ipc547e_firmware
  • simatic_ipc677d_firmware
  • simatic_field_pg_m5_firmware
  • simatic_ipc847d_firmware
  • simatic_ipc827d
  • simatic_pc547g_firmware
  • simatic_ipc627d
  • simatic_ipc847d
  • simatic_ipc647d
  • simatic_ipc427e_firmware
  • simatic_ipc477e_firmware
  • simatic_ipc677d

intel

  • active_management_technology_firmware
  • converged_security_management_engine_firmware
  • manageability_engine_firmware