Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-33117
HistoryMay 12, 2022 - 12:00 a.m.

CVE-2021-33117

2022-05-1200:00:00
ubuntu.com
ubuntu.com
25
intel
access control
information disclosure
local attacker
bios
unix

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

5.1%

Improper access control for some 3rd Generation Intel® Xeon® Scalable
Processors before BIOS version MR7, may allow a local attacker to
potentially enable information disclosure via local access.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchintel-microcode< 3.20220510.0ubuntu0.18.04.1UNKNOWN
ubuntu20.04noarchintel-microcode< 3.20220510.0ubuntu0.20.04.1UNKNOWN
ubuntu21.10noarchintel-microcode< 3.20220510.0ubuntu0.21.10.1UNKNOWN
ubuntu22.04noarchintel-microcode< 3.20220510.0ubuntu0.22.04.1UNKNOWN
ubuntu22.10noarchintel-microcode< 3.20220207.1ubuntu1UNKNOWN
ubuntu16.04noarchintel-microcode< 3.20220510.0ubuntu0.16.04.1+esm1UNKNOWN

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

5.1%