Lucene search

K

PRIOn knowledge basePRION:CVE-2018-3640

HistoryMay 22, 2018 - 12:29 p.m.

Design/Logic Flaw

2018-05-2212:29:00

PRIOn knowledge base

www.prio-n.com

7

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

5.4 Medium

AI Score

Confidence

High

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.003 Low

EPSS

Percentile

65.4%

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

CPENameOperatorVersion
cortex-aeq15
cortex-aeq57
cortex-aeq72
atom_ceq3308.0.99
atom_ceq3338.0.99
atom_ceq3508.0.99
atom_ceq3538.0.99
atom_ceq3558.0.99
atom_ceq3708.0.99
atom_ceq3750.0.99

Rows per page:

1-10 of 3201

References

support.lenovo.com/us/en/solutions/LEN-22133

www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html

www.securityfocus.com/bid/104228

www.securitytracker.com/id/1040949

www.securitytracker.com/id/1042004

cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf

cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf

developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

lists.debian.org/debian-lts-announce/2018/07/msg00038.html

lists.debian.org/debian-lts-announce/2018/09/msg00017.html

portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013

psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0005

security.netapp.com/advisory/ntap-20180521-0001/

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel

usn.ubuntu.com/3756-1/

www.debian.org/security/2018/dsa-4273

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

www.kb.cert.org/vuls/id/180049

www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006

www.synology.com/support/security/Synology_SA_18_23

www.us-cert.gov/ncas/alerts/TA18-141A

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

5.4 Medium

AI Score

Confidence

High

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.003 Low

EPSS

Percentile

65.4%

Related for PRION:CVE-2018-3640

cve1 redhatcve1 f52 ubuntucve1 nessus25 debiancve1 suse2 ibm11 debian4 huawei1 openvas16 mageia1 osv3 threatpost1 mscve4 cisco1 qualysblog1 intel1 hp1 vmware1 cloudfoundry1 ubuntu1 lenovo4 cert1 mskb1 fortinet1 apple2 oracle1