Lucene search

[email protected]CVE-2021-33080

HistoryMay 12, 2022 - 5:15 p.m.

CVE-2021-33080

2022-05-1217:15:00

CWE-212

[email protected]

web.nvd.nist.gov

cve-2021-33080

intel ssd

intel optane

firmware

information disclosure

escalation of privilege

nvd

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.6 Medium

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

29.0%

JSON

Exposure of sensitive system information due to uncleared debug information in firmware for some Intel® SSD DC, Intel® Optane™ SSD and Intel® Optane™ SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access.

CPENameOperatorVersion
intel:optane_ssd_dc_p4800x_firmwareintel optane ssd dc p4800x firmwarelte2010600
intel:optane_ssd_dc_p4801x_firmwareintel optane ssd dc p4801x firmwarelte2010600
intel:optane_ssd_p5800x_firmwareintel optane ssd p5800x firmwareltl0310200
intel:optane_memory_h20_with_solid_state_storage_firmwareintel optane memory h20 with solid state storage firmwareltpgf028k
intel:optane_memory_h10_with_solid_state_storage_firmwareintel optane memory h10 with solid state storage firmwarelttgf061k
intel:optane_ssd_905p_firmwareintel optane ssd 905p firmwareltfw600
intel:optane_ssd_900p_firmwareintel optane ssd 900p firmwareltfw600

CPE	Name	Operator	Version
intel:optane_ssd_dc_p4800x_firmware	intel optane ssd dc p4800x firmware	lt	e2010600
intel:optane_ssd_dc_p4801x_firmware	intel optane ssd dc p4801x firmware	lt	e2010600
intel:optane_ssd_p5800x_firmware	intel optane ssd p5800x firmware	lt	l0310200
intel:optane_memory_h20_with_solid_state_storage_firmware	intel optane memory h20 with solid state storage firmware	lt	pgf028k
intel:optane_memory_h10_with_solid_state_storage_firmware	intel optane memory h10 with solid state storage firmware	lt	tgf061k
intel:optane_ssd_905p_firmware	intel optane ssd 905p firmware	lt	fw600
intel:optane_ssd_900p_firmware	intel optane ssd 900p firmware	lt	fw600

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf

Social References

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.6 Medium

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

29.0%

JSON

Related for CVE-2021-33080

prion1 ibm1 intel1 hp1 threatpost1 f51