CVE-2020-8723

Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:server_board_s2600wt_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s2600wt2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wt2r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wtt:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wttr:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:intel:server_system_r1000wt_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_r1208wt2gs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wt2gsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wttgs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wttgsbpp:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wttgsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wt2gs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wt2gsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wttgs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wttgsr:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:intel:server_system_r2000wt_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_r2208wt2ys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wt2ysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wttyc1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wttyc1r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wttys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2224wttys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2224wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2308wttys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2308wttysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wttys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wttysr:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:intel:server_board_s2600cw:*:*:*:*:*:*:*:*
OR cpe:2.3:a:intel:server_board_s2600cw2:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cw2r:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cw2s:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cw2sr:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cwt:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cwtr:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cwts:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:server_board_s2600cwtsr:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:intel:compute_module_hns2600kp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:compute_module_hns2600kp:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600kpf:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600kpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600kpr:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:intel:server_board_s2600kp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s2600kp:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600kpf:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600kpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600kpr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600kptr:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:intel:compute_module_hns2600tp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:compute_module_hns2600tp:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600tp24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600tp24sr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600tpf:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600tpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600tpr:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:intel:compute_module_s2600tp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s2600tp:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600tpf:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600tpfr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600tpr:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:intel:server_board_s1200sp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s1200spl:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s1200splr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s1200spo:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s1200spor:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s1200sps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s1200spsr:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:intel:server_system_lr1304sp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_lr1304spcfg1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_lr1304spcfg1r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_lr1304spcfsgx1:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:intel:server_system_lsvrp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_lsvrp4304es6xx1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_lsvrp4304es6xxr:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:intel:server_system_r1000sp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_r1208sposhor:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208sposhorr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304sposhbn:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304sposhbnr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304sposhor:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304sposhorr:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:intel:server_board_s2600wf_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s2600wf0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wf0r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wfq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wfqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wft:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600wftr:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:intel:server_system_r1000wf_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_lnetcnt3y:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_mcb2208wfaf4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_mcb2208wfaf5:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_mcb2208wfaf6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_mcb2208wfhy2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_nb2208wfqnfvi:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wfqysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1208wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wf0ys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wf0ysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r1304wftysr:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:intel:server_system_r2000wf_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_system_r2208wf0zs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wf0zsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wfqzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2208wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2224wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2224wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2224wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2308wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2308wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wf0np:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wf0npr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_r2312wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_vrn2208waf6:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_vrn2208wfaf81:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_vrn2208wfaf82:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_vrn2208wfaf83:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_vrn2208wfhy6:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:intel:server_board_s2600st_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s2600stb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600stbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600stq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600stqr:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:intel:compute_module_hns2600bp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:compute_module_hns2600bpb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpb24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpb24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpblc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpblc24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpblc24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpblcr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpq24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpq24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bps24:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bps24r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:compute_module_hns2600bpsr:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:intel:server_board_s2600bp_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:server_board_s2600bpb:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600bpbr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600bpq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600bpqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600bps:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_s2600bpsr:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:39

Type Values Removed Values Added
References () https://security.netapp.com/advisory/ntap-20200814-0002/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20200814-0002/ - Third Party Advisory
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00384.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00384.html - Vendor Advisory

Information

Published : 2020-08-13 03:15

Updated : 2024-11-21 05:39


NVD link : CVE-2020-8723

Mitre link : CVE-2020-8723

CVE.ORG link : CVE-2020-8723


JSON object : View

Products Affected

intel

  • server_board_s2600wtt
  • server_system_r1000wt_firmware
  • compute_module_hns2600bpsr
  • server_system_r2208wttyc1r
  • compute_module_hns2600tpr
  • compute_module_hns2600bpb
  • compute_module_hns2600bpb24r
  • compute_module_hns2600bps
  • server_system_lsvrp4304es6xxr
  • compute_module_hns2600bpq24r
  • compute_module_hns2600kpr
  • server_board_s2600wfqr
  • server_system_r1304wf0ys
  • compute_module_hns2600tpfr
  • compute_module_hns2600bpblc24r
  • server_system_r2208wttyc1
  • server_system_r2308wttys
  • server_board_s2600cwts
  • server_system_r2224wftzsr
  • server_system_r1304wttgsr
  • server_system_r2312wf0npr
  • server_board_s2600wft
  • server_system_mcb2208wfaf5
  • server_system_vrn2208wfaf81
  • server_board_s2600st_firmware
  • server_system_r2312wttys
  • server_system_r1208wftys
  • compute_module_hns2600bps24
  • server_board_s2600stq
  • server_board_s2600bpq
  • server_system_r1304wt2gs
  • server_system_r2224wttysr
  • compute_module_hns2600kpfr
  • server_system_r2308wftzs
  • server_system_r2208wf0zs
  • server_system_r2208wftzsr
  • server_board_s2600wf0r
  • server_board_s2600kpf
  • server_system_r2208wfqzsr
  • server_system_lnetcnt3y
  • server_system_r1208wt2gsr
  • server_board_s2600tpr
  • server_board_s2600wf_firmware
  • server_system_r1304wftysr
  • server_system_lsvrp4304es6xx1
  • server_system_vrn2208wfaf82
  • server_board_s2600tpfr
  • server_system_r1304sposhor
  • compute_module_hns2600tp
  • server_system_nb2208wfqnfvi
  • server_system_r2208wftzs
  • server_system_mcb2208wfaf4
  • server_system_vrn2208wfhy6
  • server_system_r2308wftzsr
  • compute_module_hns2600bpblc
  • server_board_s1200spsr
  • server_board_s2600cw2s
  • server_system_lsvrp_firmware
  • compute_module_hns2600bpbr
  • server_system_r1304sposhorr
  • compute_module_hns2600bpblcr
  • server_system_r2312wftzsr
  • server_board_s2600wt2r
  • server_system_r2208wt2ysr
  • server_system_r2208wttysr
  • server_system_mcb2208wfhy2
  • server_board_s2600bp_firmware
  • server_system_r2224wttys
  • server_system_r2308wttysr
  • server_system_r2312wttysr
  • server_board_s2600kpr
  • server_system_r2000wf_firmware
  • compute_module_hns2600bpb24
  • server_board_s2600wttr
  • server_board_s2600bpbr
  • server_board_s2600stb
  • server_system_r1208wt2gs
  • server_system_r2208wf0zsr
  • server_system_r1208sposhorr
  • server_system_r2312wf0np
  • server_board_s2600kp
  • compute_module_hns2600kpf
  • server_system_lr1304spcfg1
  • compute_module_hns2600bp_firmware
  • compute_module_hns2600kp
  • compute_module_hns2600tp24r
  • compute_module_hns2600bpqr
  • server_system_r1000wf_firmware
  • server_system_r2312wfqzs
  • server_system_r2208wt2ys
  • server_board_s2600cw
  • server_board_s2600wfq
  • server_system_r1208sposhor
  • server_system_mcb2208wfaf6
  • server_system_r1000sp_firmware
  • server_system_r1304wftys
  • server_system_lr1304spcfsgx1
  • server_system_r1304sposhbnr
  • server_system_r1208wfqysr
  • server_board_s2600cwtr
  • server_board_s1200sp_firmware
  • server_board_s2600stqr
  • server_system_r2312wftzs
  • compute_module_hns2600tp24sr
  • compute_module_hns2600bps24r
  • server_board_s2600cw2sr
  • server_system_r1208wttgsr
  • server_system_r1208wftysr
  • server_board_s2600bpqr
  • server_board_s1200spor
  • compute_module_hns2600tpf
  • server_system_lr1304spcfg1r
  • server_board_s1200spo
  • server_board_s2600bpsr
  • server_board_s2600wt2
  • compute_module_s2600tp_firmware
  • server_system_r1208wttgsbpp
  • server_system_r1304wf0ysr
  • server_board_s2600kptr
  • server_system_r2224wfqzs
  • server_system_lr1304sp_firmware
  • server_board_s2600tp
  • server_board_s2600cwtsr
  • server_board_s2600cw2
  • compute_module_hns2600kp_firmware
  • server_board_s2600kpfr
  • compute_module_hns2600bpq
  • server_board_s2600wftr
  • server_board_s1200splr
  • server_board_s2600wf0
  • server_system_r1304wttgs
  • server_board_s2600kp_firmware
  • compute_module_hns2600bpblc24
  • server_board_s2600bps
  • server_system_r1304wt2gsr
  • server_system_r2208wttys
  • compute_module_hns2600bpq24
  • server_system_vrn2208waf6
  • server_board_s2600cwt
  • server_board_s2600cw2r
  • server_system_r1208wttgs
  • server_board_s2600stbr
  • compute_module_hns2600tp_firmware
  • server_system_r2224wftzs
  • server_board_s2600tpf
  • server_system_r1304sposhbn
  • server_board_s1200sps
  • server_board_s2600bpb
  • server_system_vrn2208wfaf83
  • server_system_r2208wfqzs
  • server_board_s2600wt_firmware
  • server_system_r2000wt_firmware
  • server_board_s1200spl
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')