Lucene search

[email protected]CVE-2023-24588

HistoryNov 14, 2023 - 7:15 p.m.

CVE-2023-24588

2023-11-1419:15:18

CWE-200

[email protected]

web.nvd.nist.gov

cve-2023-24588

intel

optane

ssd

firmware

information disclosure

nvd

5.9 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

4.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.1%

JSON

Exposure of sensitive information to an unauthorized actor in firmware for some Intel® Optane™ SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access.

Affected configurations

NVD

Node

inteloptane_memory_h20_with_solid_state_storage_firmwareRange<u4110553-g004

AND

inteloptane_memory_h20_with_solid_state_storageMatch-

Node

inteloptane_ssd_900p_firmwareRange<e2010650

AND

inteloptane_ssd_900pMatch-

Node

inteloptane_ssd_dc_p4800x_firmwareRange<e2010650

AND

inteloptane_ssd_dc_p4800xMatch-

Node

inteloptane_ssd_dc_p4801x_firmwareRange<e2010650

AND

inteloptane_ssd_dc_p4801xMatch-

Node

inteloptane_ssd_905p_firmwareRange<e2010650

AND

inteloptane_ssd_905pMatch-

CPENameOperatorVersion
intel:optane_memory_h20_with_solid_state_storage_firmwareintel optane memory h20 with solid state storage firmwareltu4110553-g004

CPE	Name	Operator	Version
intel:optane_memory_h20_with_solid_state_storage_firmware	intel optane memory h20 with solid state storage firmware	lt	u4110553-g004

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Optane(TM) SSD products",
    "versions": [
      {
        "version": "firmware for some Intel(R) Optane(TM) SSD products",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]