在线客服
联系我们
2020.06.10,我们监测到英特尔公布了多个产品中潜在的安全漏洞,其中预警intel-sa-00295中包括Intel CSME, SPS, TXE, AMT, ISM and DAL等多个产品,可能存在权限提升,拒绝服务或信息泄露漏洞。英特尔已发布固件和软件更新,以减轻这些潜在的漏洞。
浪潮已经发布了安全预警(SA),客户可通过安全预警获取漏洞修复方案。
浪潮受影响产品
| CVE | CVSS | Affected Products |
| CVE-2020-0594 | CVSS Base Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | none |
| CVE-2020-0595 | CVSS Base Score: 9.8 Critical CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | none |
| CVE-2020-0586 | CVSS Base Score: 8.4 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H | none |
| CVE-2020-0542 | CVSS Base Score: 7.8 High CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | none |
| CVE-2020-0596 | CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | none |
| CVE-2020-0538 | CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | none |
| CVE-2020-0534 | CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | none |
| CVE-2020-0533 | CVSS Base Score: 7.5 High CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | none |
| CVE-2020-0566 | CVSS Base Score: 7.3 High CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N | none |
| CVE-2020-0532 | CVSS Base Score: 7.1 High CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H | none |
| CVE-2020-0541 | CVSS Base Score: 6.7 Medium CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | none |
| CVE-2020-0597 | CVSS Base Score: 6.5 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | none |
| CVE-2020-0531 | CVSS Base Score: 6.5 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | none |
| CVE-2020-0535 | CVSS Base Score: 5.3 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | none |
| CVE-2020-0540 | CVSS Base Score: 5.3 Medium CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | none |
| CVE-2020-0536 | CVSS Base Score: 5.3 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | none |
| CVE-2020-0537 | CVSS Base Score: 4.9 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | none |
| CVE-2020-0545 | CVSS Base Score: 4.4 Medium CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | server M5 |
| CVE-2020-8674 | CVSS Base Score: 4.3 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | none |
| CVE-2020-0539 | CVSS Base Score: 3.3 Low CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | none |
Intel-SA-00295:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
2020-07-02 V1.0 INITIAL
2020-08-18 V1.1 UPDATE 增加SA链接
浪潮一贯主张尽全力保障产品用户的最终利益,遵循负责任的安全事件披露原则,并通过产品安全问题处理机制处理产品安全问题。
反馈浪潮产品安全问题:https://www.inspur.com/lcjtww/psirt/vulnerability-management/index.html#report_ldbg
订阅浪潮产品安全信息:https://en.inspur.com/en/security_bulletins/vulnerability_subscription/index.html
获取技术支持:https://www.inspur.com/lcjtww/2317452/2317456/2317460/index.html
