CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
Percentile
50.7%
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system.
Vendor | Product | Version | CPE |
---|---|---|---|
amperecomputing | ampere_altra_max | - | cpe:2.3:h:amperecomputing:ampere_altra_max:-:*:*:*:*:*:*:* |
amperecomputing | ampere_altra_max_firmware | * | cpe:2.3:o:amperecomputing:ampere_altra_max_firmware:*:*:*:*:*:*:*:* |
amperecomputing | ampere_altra | - | cpe:2.3:h:amperecomputing:ampere_altra:-:*:*:*:*:*:*:* |
amperecomputing | ampere_altra_firmware | * | cpe:2.3:o:amperecomputing:ampere_altra_firmware:*:*:*:*:*:*:*:* |
amperecomputing | ampereone | - | cpe:2.3:h:amperecomputing:ampereone:-:*:*:*:*:*:*:* |
amperecomputing | ampereone_firmware | * | cpe:2.3:o:amperecomputing:ampereone_firmware:*:*:*:*:*:*:*:* |