CVE-2023-29153 - Vulnerability Details - OpenCVE

Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user to potentially enable denial of service via network access.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00097.

Key SSVC decision points have not yet been added.

Vendors	Products
Intel	Server Platform Services
Netapp	Hci Bootstrap Os Hci Compute Node Hci Compute Node Bios

Configuration 1 [-]

cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:netapp:hci_bootstrap_os:-:::::::*
	cpe:2.3:o:netapp:hci_compute_node_bios:-:::::::*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

No data.

No data.

References

Link	Providers
https://security.netapp.com/advisory/ntap-20240322-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html

History

Wed, 14 Jan 2026 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Intel Intel server Platform Services Netapp Netapp hci Bootstrap Os Netapp hci Compute Node Netapp hci Compute Node Bios
CPEs		cpe:2.3:a:intel:server_platform_services:::::::: cpe:2.3:h:netapp:hci_compute_node:-:::::::* cpe:2.3:o:netapp:hci_bootstrap_os:-:::::::* cpe:2.3:o:netapp:hci_compute_node_bios:-:::::::*
Vendors & Products		Intel Intel server Platform Services Netapp Netapp hci Bootstrap Os Netapp hci Compute Node Netapp hci Compute Node Bios

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2024-02-14T13:38:17.590Z

Updated: 2025-02-13T16:49:00.967Z

Reserved: 2023-08-02T03:00:04.619Z

Link: CVE-2023-29153

Vulnrichment

Updated: 2024-08-02T14:00:15.992Z

NVD

Status : Analyzed

Published: 2024-02-14T14:15:49.303

Modified: 2026-01-14T18:31:42.933

Link: CVE-2023-29153

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29153", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2023-08-02T03:00:04.619Z", "datePublished": "2024-02-14T13:38:17.590Z", "dateUpdated": "2025-02-13T16:49:00.967Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2024-03-22T19:06:06.059Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "denial of service"}, {"lang": "en", "description": "Uncontrolled resource consumption", "cweId": "CWE-400", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) SPS firmware", "versions": [{"version": "before version SPS_E5_06.01.04.002.0", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user to potentially enable denial of service via network access."}], "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html"}, {"url": "https://security.netapp.com/advisory/ntap-20240322-0005/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-29153", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-28T19:13:53.070528Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:27:26.779Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:15.992Z"}, "title": "CVE Program Container", "references": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240322-0005/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240322-0005/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:15.992Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-29153", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-28T19:13:53.070528Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:20.150Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) SPS firmware", "versions": [{"status": "affected", "version": "before version SPS_E5_06.01.04.002.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html"}, {"url": "https://security.netapp.com/advisory/ntap-20240322-0005/"}], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user to potentially enable denial of service via network access."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "denial of service"}, {"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "Uncontrolled resource consumption"}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2024-02-14T13:38:17.590Z"}}}, "cveMetadata": {"cveId": "CVE-2023-29153", "state": "PUBLISHED", "dateUpdated": "2024-08-02T14:00:15.992Z", "dateReserved": "2023-08-02T03:00:04.619Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2024-02-14T13:38:17.590Z", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E774EFE-4C2B-43BF-8096-8C605CE599F7", "versionEndExcluding": "SPS_E5_06.01.04.002.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C767AA1-88B7-48F0-9F31-A89D16DCD52C", "vulnerable": true}, {"criteria": "cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C61DF9A-ABDE-44A2-A060-B088428D5064", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user to potentially enable denial of service via network access."}, {"lang": "es", "value": "El consumo incontrolado de recursos para algunos firmware Intel(R) SPS anteriores a la versi\u00f3n SPS_E5_06.01.04.002.0 puede permitir que un usuario privilegiado habilite potencialmente la denegaci\u00f3n de servicio a trav\u00e9s del acceso a la red."}], "id": "CVE-2023-29153", "lastModified": "2026-01-14T18:31:42.933", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "secure@intel.com", "type": "Secondary"}]}, "published": "2024-02-14T14:15:49.303", "references": [{"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://security.netapp.com/advisory/ntap-20240322-0005/"}, {"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.netapp.com/advisory/ntap-20240322-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01003.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "secure@intel.com", "type": "Secondary"}]}