Lucene search

[email protected]CVE-2021-33149

HistoryMay 12, 2022 - 5:15 p.m.

CVE-2021-33149

2022-05-1217:15:00

CWE-203

[email protected]

web.nvd.nist.gov

cve-2021-33149

intel

processors

behavioral discrepancy

information disclosure

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.1 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

11.9%

JSON

Observable behavioral discrepancy in some Intel® Processors may allow an authorized user to potentially enable information disclosure via local access.

CPENameOperatorVersion
intel:core_processors_firmwareintel core processors firmwareeq-
intel:pentium_processors_firmwareintel pentium processors firmwareeq-
intel:celeron_processors_firmwareintel celeron processors firmwareeq-
intel:xeon_processors_firmwareintel xeon processors firmwareeq-
intel:itanium_processors_firmwareintel itanium processors firmwareeq-
intel:atom_processors_firmwareintel atom processors firmwareeq-
intel:xeon_phi_processors_firmwareintel xeon phi processors firmwareeq-
intel:quark_soc_firmwareintel quark soc firmwareeq-

CPE	Name	Operator	Version
intel:core_processors_firmware	intel core processors firmware	eq	-
intel:pentium_processors_firmware	intel pentium processors firmware	eq	-
intel:celeron_processors_firmware	intel celeron processors firmware	eq	-
intel:xeon_processors_firmware	intel xeon processors firmware	eq	-
intel:itanium_processors_firmware	intel itanium processors firmware	eq	-
intel:atom_processors_firmware	intel atom processors firmware	eq	-
intel:xeon_phi_processors_firmware	intel xeon phi processors firmware	eq	-
intel:quark_soc_firmware	intel quark soc firmware	eq	-

References

security.netapp.com/advisory/ntap-20220818-0002/

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00648.html

Social References

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.1 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

11.9%

JSON

Related for CVE-2021-33149

intel1 nessus1 prion1 f51 ics1