CVE-2004-2600

high

Description

The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15775

http://www.securityfocus.com/bid/10068

http://www.osvdb.org/4978

http://support.intel.com/support/motherboards/server/sb/CS-010422.htm

http://secunia.com/advisories/11315

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.01141