Lucene search

[email protected]CVE-2021-0118

HistoryFeb 09, 2022 - 11:15 p.m.

CVE-2021-0118

2022-02-0923:15:00

CWE-125

[email protected]

web.nvd.nist.gov

cve-2021-0118

intel processors

firmware

out-of-bounds read

escalation of privilege

local access

nvd

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

12.3%

JSON

Out-of-bounds read in the firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CPENameOperatorVersion
netapp:cloud_backupnetapp cloud backupeq-
netapp:fas\/aff_biosnetapp fas\/aff bioseq-
intel:xeon_bronze_3206r_firmwareintel xeon bronze 3206r firmwareeq-
intel:xeon_gold_5218r_firmwareintel xeon gold 5218r firmwareeq-
intel:xeon_gold_5220r_firmwareintel xeon gold 5220r firmwareeq-
intel:xeon_gold_6208u_firmwareintel xeon gold 6208u firmwareeq-
intel:xeon_gold_6226r_firmwareintel xeon gold 6226r firmwareeq-
intel:xeon_gold_6230r_firmwareintel xeon gold 6230r firmwareeq-
intel:xeon_gold_6238r_firmwareintel xeon gold 6238r firmwareeq-
intel:xeon_gold_6240r_firmwareintel xeon gold 6240r firmwareeq-

CPE	Name	Operator	Version
netapp:cloud_backup	netapp cloud backup	eq	-
netapp:fas\/aff_bios	netapp fas\/aff bios	eq	-
intel:xeon_bronze_3206r_firmware	intel xeon bronze 3206r firmware	eq	-
intel:xeon_gold_5218r_firmware	intel xeon gold 5218r firmware	eq	-
intel:xeon_gold_5220r_firmware	intel xeon gold 5220r firmware	eq	-
intel:xeon_gold_6208u_firmware	intel xeon gold 6208u firmware	eq	-
intel:xeon_gold_6226r_firmware	intel xeon gold 6226r firmware	eq	-
intel:xeon_gold_6230r_firmware	intel xeon gold 6230r firmware	eq	-
intel:xeon_gold_6238r_firmware	intel xeon gold 6238r firmware	eq	-
intel:xeon_gold_6240r_firmware	intel xeon gold 6240r firmware	eq	-

Rows per page:

1-10 of 6811

References

security.netapp.com/advisory/ntap-20220210-0007/

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

12.3%

JSON

Related for CVE-2021-0118

prion1 cvelist1 f51 intel1 ibm2 hp1