IBMB01226F34419742F59CC680BE3C7FBFA8FD3CEC4AAE766DE5E1CE70F7445A628Security Bulletin: IBM Netezza Firmware Diagnostics Support Tool is affected by the vulnerabilities known as Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
Summary
CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling (MSBDS)
CVSS Base Score: 6.5 Medium
CVE-2018-12127 - Microarchitectural Load Port Data Sampling (MLPDS)
CVSS Base Score: 6.5 Medium
CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling (MFBDS)
CVSS Base Score: 6.5 Medium
CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
CVSS Base Score: 3.8 Low
Affected Products and Versions
IBM Netezza Firmware Diagnostics Support Tool 2.0.0.x - 2.0.0.9
Remediation/Fixes
Product
|
VRMF
|
Remediation/First Fix
â|â|â
IBM Netezza Firmware Diagnostics Support Tool
| 2.0.0.10 |
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm integrated analytics system | eq | any |
Related
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N