Lucene search

[email protected]NVD:CVE-2019-0164

HistoryJun 13, 2019 - 4:29 p.m.

CVE-2019-0164

2019-06-1316:29:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.3%

JSON

Improper permissions in the installer for Intel® Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected configurations

Nvd

Node

intelturbo_boost_max_technology_3.0Range≤1.0.0.1035

Node

lenovothinkstation_p410_firmwareMatch-

AND

lenovothinkstation_p410Match-

Node

lenovothinkstation_p510_firmwareMatch-

AND

lenovothinkstation_p510Match-

Node

lenovothinkstation_p710_firmwareMatch-

AND

lenovothinkstation_p710Match-

Node

lenovothinkstation_p910_firmwareMatch-

AND

lenovothinkstation_p910Match-

VendorProductVersionCPE
intelturbo_boost_max_technology_3.0*cpe:2.3:a:intel:turbo_boost_max_technology_3.0:*:*:*:*:*:*:*:*
lenovothinkstation_p410_firmware-cpe:2.3:o:lenovo:thinkstation_p410_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p410-cpe:2.3:h:lenovo:thinkstation_p410:-:*:*:*:*:*:*:*
lenovothinkstation_p510_firmware-cpe:2.3:o:lenovo:thinkstation_p510_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p510-cpe:2.3:h:lenovo:thinkstation_p510:-:*:*:*:*:*:*:*
lenovothinkstation_p710_firmware-cpe:2.3:o:lenovo:thinkstation_p710_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p710-cpe:2.3:h:lenovo:thinkstation_p710:-:*:*:*:*:*:*:*
lenovothinkstation_p910_firmware-cpe:2.3:o:lenovo:thinkstation_p910_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p910-cpe:2.3:h:lenovo:thinkstation_p910:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	turbo_boost_max_technology_3.0	*	cpe:2.3:a:intel:turbo_boost_max_technology_3.0::::::::
lenovo	thinkstation_p410_firmware	-	cpe:2.3:o:lenovo:thinkstation_p410_firmware:-:::::::*
lenovo	thinkstation_p410	-	cpe:2.3:h:lenovo:thinkstation_p410:-:::::::*
lenovo	thinkstation_p510_firmware	-	cpe:2.3:o:lenovo:thinkstation_p510_firmware:-:::::::*
lenovo	thinkstation_p510	-	cpe:2.3:h:lenovo:thinkstation_p510:-:::::::*
lenovo	thinkstation_p710_firmware	-	cpe:2.3:o:lenovo:thinkstation_p710_firmware:-:::::::*
lenovo	thinkstation_p710	-	cpe:2.3:h:lenovo:thinkstation_p710:-:::::::*
lenovo	thinkstation_p910_firmware	-	cpe:2.3:o:lenovo:thinkstation_p910_firmware:-:::::::*
lenovo	thinkstation_p910	-	cpe:2.3:h:lenovo:thinkstation_p910:-:::::::*

References

www.securityfocus.com/bid/108770

support.lenovo.com/us/en/product_security/LEN-27841

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.3%

JSON

Related for NVD:CVE-2019-0164

lenovo2 intel1 hp1 cvelist1 cve1 prion1