Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
27 vulnerabilities found for i915 by intel
VAR-201905-0709
Vulnerability from variot - Updated: 2026-04-10 23:12Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf. Intel Xeon Scalable Processors and so on are products of Intel Corporation of the United States. Intel XeonScalable Processors is a scalable server central processing unit (CPU). IntelXeonProcessorE7v4Family is a XeonE7 series server central processing unit (CPU). IntelXeonProcessorE5v4Family is a XeonE5 series server central processing unit (CPU). An information disclosure vulnerability exists in several Intel products. The vulnerability stems from errors in the configuration of the network system or product during operation. An unauthorized attacker can exploit the vulnerability to obtain sensitive information about the affected component. The following products and versions are affected: Intel Xeon Scalable Processors; Xeon Processor E7 v4 Family; Xeon Processor E5 v4 Family; Xeon Processor E3 v6 Family; Xeon Processor E3 v4 Family; Xeon Processor E; Xeon E Processor; Xeon D Processor; Puma; Pentium Processor Silver Series; Pentium Processor N Series; Pentium Processor J Series; Pentium Gold Processor Series; Mobile Communications Platforms; Microcode; Core X series Processors; Celeron Processor N Series; Celeron Processor J Series; Celeron Processor G Series; Atom Processor X Series ;Atom Processor E3900 Series;Atom Processor E3800 Series;Atom Processor. ========================================================================== Ubuntu Security Notice USN-3980-1 May 14, 2019
linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2018-12130)
Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2018-12127)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2018-12126)
Vasily Averin and Evgenii Shatokhin discovered that a use-after-free vulnerability existed in the NFS41+ subsystem when multiple network namespaces are in use. A local attacker in a container could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16884)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. (CVE-2019-11091)
Matteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups subsystem of the Linux kernel did not properly account for SCTP socket buffers. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-3874)
Alex Williamson discovered that the vfio subsystem of the Linux kernel did not properly limit DMA mappings. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-3882)
Marc Orr discovered that the KVM hypervisor implementation in the Linux kernel did not properly restrict APIC MSR register values when nested virtualization is used. An attacker in a guest vm could use this to cause a denial of service (host OS crash). (CVE-2019-3887)
Hugues Anguelkov discovered that the Broadcom Wifi driver in the Linux kernel contained a head puffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-9500)
Hugues Anguelkov discovered that the Broadcom Wifi driver in the Linux kernel did not properly prevent remote firmware events from being processed for USB Wifi devices. A physically proximate attacker could use this to send firmware events to the device. (CVE-2019-9503)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: linux-image-4.18.0-1011-gcp 4.18.0-1011.12 linux-image-4.18.0-1012-kvm 4.18.0-1012.12 linux-image-4.18.0-1014-raspi2 4.18.0-1014.16 linux-image-4.18.0-1016-aws 4.18.0-1016.18 linux-image-4.18.0-1018-azure 4.18.0-1018.18 linux-image-4.18.0-20-generic 4.18.0-20.21 linux-image-4.18.0-20-generic-lpae 4.18.0-20.21 linux-image-4.18.0-20-lowlatency 4.18.0-20.21 linux-image-4.18.0-20-snapdragon 4.18.0-20.21 linux-image-aws 4.18.0.1016.16 linux-image-azure 4.18.0.1018.19 linux-image-gcp 4.18.0.1011.11 linux-image-generic 4.18.0.20.21 linux-image-generic-lpae 4.18.0.20.21 linux-image-gke 4.18.0.1011.11 linux-image-kvm 4.18.0.1012.12 linux-image-lowlatency 4.18.0.20.21 linux-image-powerpc-e500mc 4.18.0.20.21 linux-image-powerpc-smp 4.18.0.20.21 linux-image-powerpc64-emb 4.18.0.20.21 linux-image-powerpc64-smp 4.18.0.20.21 linux-image-raspi2 4.18.0.1014.11 linux-image-snapdragon 4.18.0.20.21 linux-image-virtual 4.18.0.20.21
After a standard system update you need to reboot your computer to make all the necessary changes.
Please note that fully mitigating the Microarchitectural Data Sampling (MDS) issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) requires corresponding processor microcode/firmware updates or, in virtual environments, hypervisor updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================ FreeBSD-SA-19:26.mcu Security Advisory The FreeBSD Project
Topic: Intel CPU Microcode Update
Category: 3rd party Module: Intel CPU microcode Announced: 2019-11-12 Credits: Intel Affects: All supported versions of FreeBSD running on certain Intel CPUs. CVE Name: CVE-2019-11135, CVE-2019-11139, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-11091, CVE-2017-5715
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
- From time to time Intel releases new CPU microcode to address functional issues and security vulnerabilities. Such a release is also known as a Micro Code Update (MCU), and is a component of a broader Intel Platform Update (IPU). FreeBSD distributes CPU microcode via the devcpu-data port and package.
II. Problem Description
Starting with version 1.26, the devcpu-data port/package includes updates and mitigations for the following technical and security advisories (depending on CPU model).
Intel TSX Updates (TAA) CVE-2019-11135 Voltage Modulation Vulnerability CVE-2019-11139 MD_CLEAR Operations CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-11091 TA Indirect Sharing CVE-2017-5715 EGETKEY CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-11091 JCC SKX102 Erratum
Updated microcode includes mitigations for CPU issues, but may also cause a performance regression due to the JCC erratum mitigation. Please visit http://www.intel.com/benchmarks for further information.
Please visit http://www.intel.com/security for detailed information on these advisories as well as a list of CPUs that are affected.
III. Impact
Operating a CPU without the latest microcode may result in erratic or unpredictable behavior, including system crashes and lock ups. Certain issues listed in this advisory may result in the leakage of privileged system information to unprivileged users.
IV. Workaround
To determine if TSX is present in your system, run the following:
-
kldload cpuctl
-
cpucontrol -i 7 /dev/cpuctl0
If bits 4 (0x10) and 11 (0x800) are set in the second response word (EBX), TSX is present.
In the absence of updated microcode, TAA can be mitigated by enabling the MDS mitigation:
- sysctl hw.mds_disable=1
Systems must be running FreeBSD 11.3, FreeBSD 12.1, or later for this to work.
IMPORTANT If your use case can tolerate leaving the CPU issues unmitigated and cannot tolerate a performance regression, ensure that the devcpu-data package is not installed or is locked at 1.25 or earlier.
pkg delete devcpu-data
or
pkg lock devcpu-data
Later versions of the LLVM and GCC compilers will include changes that partially relieve the peformance impact.
V. Solution
Install the latest Intel Microcode Update via the devcpu-data port/package, version 1.26 or later.
Updated microcode adds the ability to disable TSX. With updated microcode the issue can still be mitigated by enabling the MDS mitigation as described in the workaround section, or by disabling TSX instead:
-
kldload cpuctl
-
cpucontrol -i 7 /dev/cpuctl0
If bit 29 (0x20000000) is set in the fourth response word (EDX), then the 0x10a MSR is present. cpucontrol -m 0x10a /dev/cpuctl0
If bit 8 (0x100) of the response word is set, your CPU is not vulnerable to TAA and no further action is required.
If bit 7 (0x80) is cleared, then your CPU does not have updated microcode that facilitates TSX to be disabled. The only remedy available is to enable the MDS mitigation, as documented above. cpucontrol -m 0x122=3 /dev/cpuctl0
Repeat step 4 for each numbered CPU that is present.
A future kernel change to FreeBSD will provide automatic detection and mitigation for TAA.
LLVM 9.0 will be updated in FreeBSD 13-current to address the JCC peformance impact. Updates to prior versions of LLVM are currently being evaluated.
VI. Correction details
There are currently no changes in FreeBSD to address this issue.
VII.
Software Description: - intel-microcode: Processor microcode for Intel CPUs
Details:
USN-3977-1 provided mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families. Relevant releases/architectures:
RHV-M 4.2 - noarch
- It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase and other support material. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-56
https://security.gentoo.org/
Severity: High Title: Xen: Multiple vulnerabilities Date: March 25, 2020 Bugs: #686024, #699048, #699996, #702644 ID: 202003-56
Synopsis
Multiple vulnerabilities have been found in Xen, the worst of which could allow for privilege escalation.
Background
Xen is a bare-metal hypervisor.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/xen < 4.12.0-r1 >= 4.12.0-r1 2 app-emulation/xen-tools < 4.12.0-r1 >= 4.12.0-r1 ------------------------------------------------------------------- 2 affected packages
Description
Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.12.0-r1"
References
[ 1 ] CVE-2018-12126 https://nvd.nist.gov/vuln/detail/CVE-2018-12126 [ 2 ] CVE-2018-12127 https://nvd.nist.gov/vuln/detail/CVE-2018-12127 [ 3 ] CVE-2018-12130 https://nvd.nist.gov/vuln/detail/CVE-2018-12130 [ 4 ] CVE-2018-12207 https://nvd.nist.gov/vuln/detail/CVE-2018-12207 [ 5 ] CVE-2018-12207 https://nvd.nist.gov/vuln/detail/CVE-2018-12207 [ 6 ] CVE-2019-11091 https://nvd.nist.gov/vuln/detail/CVE-2019-11091 [ 7 ] CVE-2019-11135 https://nvd.nist.gov/vuln/detail/CVE-2019-11135 [ 8 ] CVE-2019-18420 https://nvd.nist.gov/vuln/detail/CVE-2019-18420 [ 9 ] CVE-2019-18421 https://nvd.nist.gov/vuln/detail/CVE-2019-18421 [ 10 ] CVE-2019-18423 https://nvd.nist.gov/vuln/detail/CVE-2019-18423 [ 11 ] CVE-2019-18424 https://nvd.nist.gov/vuln/detail/CVE-2019-18424 [ 12 ] CVE-2019-18425 https://nvd.nist.gov/vuln/detail/CVE-2019-18425 [ 13 ] CVE-2019-19577 https://nvd.nist.gov/vuln/detail/CVE-2019-19577 [ 14 ] CVE-2019-19578 https://nvd.nist.gov/vuln/detail/CVE-2019-19578 [ 15 ] CVE-2019-19580 https://nvd.nist.gov/vuln/detail/CVE-2019-19580 [ 16 ] CVE-2019-19581 https://nvd.nist.gov/vuln/detail/CVE-2019-19581 [ 17 ] CVE-2019-19582 https://nvd.nist.gov/vuln/detail/CVE-2019-19582 [ 18 ] CVE-2019-19583 https://nvd.nist.gov/vuln/detail/CVE-2019-19583
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-56
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: libvirt security update Advisory ID: RHSA-2019:1180-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1180 Issue date: 2019-05-14 CVE Names: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 =====================================================================
- Summary:
An update for libvirt is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64
- Description:
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.
Security Fix(es):
-
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130)
-
Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)
-
Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2019-11091)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, libvirtd will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) 1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) 1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) 1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: libvirt-0.10.2-64.el6_10.1.src.rpm
i386: libvirt-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-python-0.10.2-64.el6_10.1.i686.rpm
x86_64: libvirt-0.10.2-64.el6_10.1.x86_64.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.x86_64.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-python-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm
x86_64: libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm libvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: libvirt-0.10.2-64.el6_10.1.src.rpm
x86_64: libvirt-0.10.2-64.el6_10.1.x86_64.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.x86_64.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-python-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm libvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: libvirt-0.10.2-64.el6_10.1.src.rpm
i386: libvirt-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm libvirt-python-0.10.2-64.el6_10.1.i686.rpm
ppc64: libvirt-0.10.2-64.el6_10.1.ppc64.rpm libvirt-client-0.10.2-64.el6_10.1.ppc.rpm libvirt-client-0.10.2-64.el6_10.1.ppc64.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.ppc.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.ppc64.rpm libvirt-devel-0.10.2-64.el6_10.1.ppc.rpm libvirt-devel-0.10.2-64.el6_10.1.ppc64.rpm libvirt-python-0.10.2-64.el6_10.1.ppc64.rpm
s390x: libvirt-0.10.2-64.el6_10.1.s390x.rpm libvirt-client-0.10.2-64.el6_10.1.s390.rpm libvirt-client-0.10.2-64.el6_10.1.s390x.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.s390.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.s390x.rpm libvirt-devel-0.10.2-64.el6_10.1.s390.rpm libvirt-devel-0.10.2-64.el6_10.1.s390x.rpm libvirt-python-0.10.2-64.el6_10.1.s390x.rpm
x86_64: libvirt-0.10.2-64.el6_10.1.x86_64.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.x86_64.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm libvirt-python-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
x86_64: libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: libvirt-0.10.2-64.el6_10.1.src.rpm
i386: libvirt-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm libvirt-python-0.10.2-64.el6_10.1.i686.rpm
x86_64: libvirt-0.10.2-64.el6_10.1.x86_64.rpm libvirt-client-0.10.2-64.el6_10.1.i686.rpm libvirt-client-0.10.2-64.el6_10.1.x86_64.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-devel-0.10.2-64.el6_10.1.i686.rpm libvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm libvirt-python-0.10.2-64.el6_10.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
x86_64: libvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm libvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-12126 https://access.redhat.com/security/cve/CVE-2018-12127 https://access.redhat.com/security/cve/CVE-2018-12130 https://access.redhat.com/security/cve/CVE-2019-11091 https://access.redhat.com/security/vulnerabilities/mds https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXNsJuNzjgjWX9erEAQhuig/7B0ZCV6Np07w9O5y2hyX9OYuOPTWWOuuj aR8ndZOC8FCgp630HSEB/Hi17XzCDCYRQusAKcfnSrDIPLJNbr2I0b3RxvXNiKu/ cfksAhrA6XtdcW4LXSSRvIQGNrBSFGiv1QCYie+ER8JzRCe8+0/K0soMOubg5ZUz 78TQeK87McXoGPAqlNrDW3h1EGpq6SJDSPJg3Q598L1di4s0HUHthV9HcjXYUlqV G2xP1mkq4P6iOmUEqQ45Kq6ntPhFPjaiR/vMz9Tj6B6Kmpb9/IxVpQ84dTideOG9 ad3O1ZPGHchITcKntYZ9IePeIhYoUFeNKccJ9J0h1JvQ7utWmS9j6zBgWmOaReb0 RbhFggIlHQ9Oxxv/jcEz9eU4n+VzGF+Dzv0lhnFNfE5HTer4YFRI+Fm58SkVb1hO 3+hIj1sMrIMm86MmCfB/MnmQeSCy8WJRyjUDkbMTAqN6xOAyDfW0h4DKw0YtS6ml Weubwvnad9ltJslFUh4XCvKNJmNtC3b1YVehE9LpTRcBwpHr26OBs3iDFvHIU5jh mi971Lw8++SZzaYaBEN2+Eop2Dhk2IdMKsFk75OQLdRY94FIZ3hvteOY32tKQBn8 +Xb+dfrSuoEnzSWULGH5LUxOYKik1SnpHphaCX+SBB3aClvCVOoxig7urLIM89Sq 71dvSxshwr0= =CE4I -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"_id": null,
"model": "microarchitectural store buffer data sampling",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "xeon scalable processors",
"scope": null,
"trust": 0.6,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "6th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"_id": null,
"model": "5th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"_id": null,
"model": "8th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"_id": null,
"model": "7th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"_id": null,
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v60"
},
{
"_id": null,
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
},
{
"_id": null,
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
},
{
"_id": null,
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
},
{
"db": "NVD",
"id": "CVE-2018-12126"
}
]
},
"credits": {
"_id": null,
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "152922"
},
{
"db": "PACKETSTORM",
"id": "152923"
},
{
"db": "PACKETSTORM",
"id": "152938"
},
{
"db": "PACKETSTORM",
"id": "153049"
}
],
"trust": 0.4
},
"cve": "CVE-2018-12126",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2018-12126",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2019-22231",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-122054",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2018-12126",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-12126",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-22231",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-122054",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
},
{
"db": "VULHUB",
"id": "VHN-122054"
},
{
"db": "NVD",
"id": "CVE-2018-12126"
}
]
},
"description": {
"_id": null,
"data": "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf. Intel Xeon Scalable Processors and so on are products of Intel Corporation of the United States. Intel XeonScalable Processors is a scalable server central processing unit (CPU). IntelXeonProcessorE7v4Family is a XeonE7 series server central processing unit (CPU). IntelXeonProcessorE5v4Family is a XeonE5 series server central processing unit (CPU). An information disclosure vulnerability exists in several Intel products. The vulnerability stems from errors in the configuration of the network system or product during operation. An unauthorized attacker can exploit the vulnerability to obtain sensitive information about the affected component. The following products and versions are affected: Intel Xeon Scalable Processors; Xeon Processor E7 v4 Family; Xeon Processor E5 v4 Family; Xeon Processor E3 v6 Family; Xeon Processor E3 v4 Family; Xeon Processor E; Xeon E Processor; Xeon D Processor; Puma; Pentium Processor Silver Series; Pentium Processor N Series; Pentium Processor J Series; Pentium Gold Processor Series; Mobile Communications Platforms; Microcode; Core X series Processors; Celeron Processor N Series; Celeron Processor J Series; Celeron Processor G Series; Atom Processor X Series ;Atom Processor E3900 Series;Atom Processor E3800 Series;Atom Processor. ==========================================================================\nUbuntu Security Notice USN-3980-1\nMay 14, 2019\n\nlinux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.10\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux: Linux kernel\n- linux-aws: Linux kernel for Amazon Web Services (AWS) systems\n- linux-azure: Linux kernel for Microsoft Azure Cloud systems\n- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems\n- linux-kvm: Linux kernel for cloud environments\n- linux-raspi2: Linux kernel for Raspberry Pi 2\n\nDetails:\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan\nHorea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa\nMilburn, Sebastian \\xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos,\nCristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss\ndiscovered that memory previously stored in microarchitectural fill buffers\nof an Intel CPU core may be exposed to a malicious process that is\nexecuting on the same CPU core. (CVE-2018-12130)\n\nBrandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan\nvan Schaik, Alyssa Milburn, Sebastian \\xd6sterlund, Pietro Frigo, Kaveh\nRazavi, Herbert Bos, and Cristiano Giuffrida discovered that memory\npreviously stored in microarchitectural load ports of an Intel CPU core may\nbe exposed to a malicious process that is executing on the same CPU core. \n(CVE-2018-12127)\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel\nMoghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel\nGruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory\npreviously stored in microarchitectural store buffers of an Intel CPU core\nmay be exposed to a malicious process that is executing on the same CPU\ncore. \n(CVE-2018-12126)\n\nVasily Averin and Evgenii Shatokhin discovered that a use-after-free\nvulnerability existed in the NFS41+ subsystem when multiple network\nnamespaces are in use. A local attacker in a container could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-16884)\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur,\nMoritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa\nMilburn, Sebastian \\xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and\nCristiano Giuffrida discovered that uncacheable memory previously stored in\nmicroarchitectural buffers of an Intel CPU core may be exposed to a\nmalicious process that is executing on the same CPU core. (CVE-2019-11091)\n\nMatteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups\nsubsystem of the Linux kernel did not properly account for SCTP socket\nbuffers. A local attacker could use this to cause a denial of service\n(system crash). (CVE-2019-3874)\n\nAlex Williamson discovered that the vfio subsystem of the Linux kernel did\nnot properly limit DMA mappings. A local attacker could use this to cause a\ndenial of service (memory exhaustion). (CVE-2019-3882)\n\nMarc Orr discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly restrict APIC MSR register values when nested\nvirtualization is used. An attacker in a guest vm could use this to cause a\ndenial of service (host OS crash). (CVE-2019-3887)\n\nHugues Anguelkov discovered that the Broadcom Wifi driver in the Linux\nkernel contained a head puffer overflow. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-9500)\n\nHugues Anguelkov discovered that the Broadcom Wifi driver in the Linux\nkernel did not properly prevent remote firmware events from being processed\nfor USB Wifi devices. A physically proximate attacker could use this to\nsend firmware events to the device. (CVE-2019-9503)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.10:\n linux-image-4.18.0-1011-gcp 4.18.0-1011.12\n linux-image-4.18.0-1012-kvm 4.18.0-1012.12\n linux-image-4.18.0-1014-raspi2 4.18.0-1014.16\n linux-image-4.18.0-1016-aws 4.18.0-1016.18\n linux-image-4.18.0-1018-azure 4.18.0-1018.18\n linux-image-4.18.0-20-generic 4.18.0-20.21\n linux-image-4.18.0-20-generic-lpae 4.18.0-20.21\n linux-image-4.18.0-20-lowlatency 4.18.0-20.21\n linux-image-4.18.0-20-snapdragon 4.18.0-20.21\n linux-image-aws 4.18.0.1016.16\n linux-image-azure 4.18.0.1018.19\n linux-image-gcp 4.18.0.1011.11\n linux-image-generic 4.18.0.20.21\n linux-image-generic-lpae 4.18.0.20.21\n linux-image-gke 4.18.0.1011.11\n linux-image-kvm 4.18.0.1012.12\n linux-image-lowlatency 4.18.0.20.21\n linux-image-powerpc-e500mc 4.18.0.20.21\n linux-image-powerpc-smp 4.18.0.20.21\n linux-image-powerpc64-emb 4.18.0.20.21\n linux-image-powerpc64-smp 4.18.0.20.21\n linux-image-raspi2 4.18.0.1014.11\n linux-image-snapdragon 4.18.0.20.21\n linux-image-virtual 4.18.0.20.21\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nPlease note that fully mitigating the Microarchitectural Data Sampling\n(MDS) issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and\nCVE-2019-11091) requires corresponding processor microcode/firmware\nupdates or, in virtual environments, hypervisor updates. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n============================================================================\nFreeBSD-SA-19:26.mcu Security Advisory\n The FreeBSD Project\n\nTopic: Intel CPU Microcode Update\n\nCategory: 3rd party\nModule: Intel CPU microcode\nAnnounced: 2019-11-12\nCredits: Intel\nAffects: All supported versions of FreeBSD running on certain\n\t\tIntel CPUs. \nCVE Name: CVE-2019-11135, CVE-2019-11139, CVE-2018-12126,\n CVE-2018-12127, CVE-2018-12130, CVE-2018-11091,\n CVE-2017-5715\n\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\n- From time to time Intel releases new CPU microcode to address functional\nissues and security vulnerabilities. Such a release is also known as a\nMicro Code Update (MCU), and is a component of a broader Intel Platform\nUpdate (IPU). FreeBSD distributes CPU microcode via the devcpu-data port\nand package. \n\nII. Problem Description\n\nStarting with version 1.26, the devcpu-data port/package includes updates and\nmitigations for the following technical and security advisories (depending\non CPU model). \n\nIntel TSX Updates (TAA) CVE-2019-11135\nVoltage Modulation Vulnerability CVE-2019-11139\nMD_CLEAR Operations CVE-2018-12126\n CVE-2018-12127\n CVE-2018-12130\n CVE-2018-11091\nTA Indirect Sharing CVE-2017-5715\nEGETKEY CVE-2018-12126\n CVE-2018-12127\n CVE-2018-12130\n CVE-2018-11091\nJCC SKX102 Erratum\n\nUpdated microcode includes mitigations for CPU issues, but may also cause a\nperformance regression due to the JCC erratum mitigation. Please visit\nhttp://www.intel.com/benchmarks for further information. \n\nPlease visit http://www.intel.com/security for detailed information on\nthese advisories as well as a list of CPUs that are affected. \n\nIII. Impact\n\nOperating a CPU without the latest microcode may result in erratic or\nunpredictable behavior, including system crashes and lock ups. Certain\nissues listed in this advisory may result in the leakage of privileged\nsystem information to unprivileged users. \n\nIV. Workaround\n\nTo determine if TSX is present in your system, run the following:\n\n1. kldload cpuctl\n\n2. cpucontrol -i 7 /dev/cpuctl0\n\nIf bits 4 (0x10) and 11 (0x800) are set in the second response word (EBX),\nTSX is present. \n\nIn the absence of updated microcode, TAA can be mitigated by enabling the\nMDS mitigation:\n\n3. sysctl hw.mds_disable=1\n\nSystems must be running FreeBSD 11.3, FreeBSD 12.1, or later for this to\nwork. \n\n*IMPORTANT*\nIf your use case can tolerate leaving the CPU issues unmitigated and cannot\ntolerate a performance regression, ensure that the devcpu-data package is\nnot installed or is locked at 1.25 or earlier. \n\n# pkg delete devcpu-data\n\nor\n\n# pkg lock devcpu-data\n\nLater versions of the LLVM and GCC compilers will include changes that\npartially relieve the peformance impact. \n\nV. Solution\n\nInstall the latest Intel Microcode Update via the devcpu-data port/package,\nversion 1.26 or later. \n\nUpdated microcode adds the ability to disable TSX. With updated microcode\nthe issue can still be mitigated by enabling the MDS mitigation as\ndescribed in the workaround section, or by disabling TSX instead:\n\n1. kldload cpuctl\n\n2. cpucontrol -i 7 /dev/cpuctl0\n\nIf bit 29 (0x20000000) is set in the fourth response word (EDX), then the\n0x10a MSR is present. cpucontrol -m 0x10a /dev/cpuctl0\n\nIf bit 8 (0x100) of the response word is set, your CPU is not vulnerable to\nTAA and no further action is required. \n\nIf bit 7 (0x80) is cleared, then your CPU does not have updated microcode\nthat facilitates TSX to be disabled. The only remedy available is to\nenable the MDS mitigation, as documented above. cpucontrol -m 0x122=3 /dev/cpuctl0\n\nRepeat step 4 for each numbered CPU that is present. \n\nA future kernel change to FreeBSD will provide automatic detection and\nmitigation for TAA. \n\nLLVM 9.0 will be updated in FreeBSD 13-current to address the JCC\npeformance impact. Updates to prior versions of LLVM are currently being\nevaluated. \n\nVI. Correction details\n\nThere are currently no changes in FreeBSD to address this issue. \n\nVII. \n\nSoftware Description:\n- intel-microcode: Processor microcode for Intel CPUs\n\nDetails:\n\nUSN-3977-1 provided mitigations for Microarchitectural Data Sampling\n(MDS) vulnerabilities in Intel Microcode for a large number of Intel\nprocessor families. This update provides the corresponding updated\nmicrocode mitigations for Intel Cherry Trail and Bay Trail processor\nfamilies. Relevant releases/architectures:\n\nRHV-M 4.2 - noarch\n\n3. \nIt includes the configuration of the Red Hat Support plugin, copying\ndownstream-only artifacts to the ISO domain, and links to the knowledgebase\nand other support material. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202003-56\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Xen: Multiple vulnerabilities\n Date: March 25, 2020\n Bugs: #686024, #699048, #699996, #702644\n ID: 202003-56\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncould allow for privilege escalation. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/xen \u003c 4.12.0-r1 \u003e= 4.12.0-r1\n 2 app-emulation/xen-tools \u003c 4.12.0-r1 \u003e= 4.12.0-r1\n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nreferenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.12.0-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-12126\n https://nvd.nist.gov/vuln/detail/CVE-2018-12126\n[ 2 ] CVE-2018-12127\n https://nvd.nist.gov/vuln/detail/CVE-2018-12127\n[ 3 ] CVE-2018-12130\n https://nvd.nist.gov/vuln/detail/CVE-2018-12130\n[ 4 ] CVE-2018-12207\n https://nvd.nist.gov/vuln/detail/CVE-2018-12207\n[ 5 ] CVE-2018-12207\n https://nvd.nist.gov/vuln/detail/CVE-2018-12207\n[ 6 ] CVE-2019-11091\n https://nvd.nist.gov/vuln/detail/CVE-2019-11091\n[ 7 ] CVE-2019-11135\n https://nvd.nist.gov/vuln/detail/CVE-2019-11135\n[ 8 ] CVE-2019-18420\n https://nvd.nist.gov/vuln/detail/CVE-2019-18420\n[ 9 ] CVE-2019-18421\n https://nvd.nist.gov/vuln/detail/CVE-2019-18421\n[ 10 ] CVE-2019-18423\n https://nvd.nist.gov/vuln/detail/CVE-2019-18423\n[ 11 ] CVE-2019-18424\n https://nvd.nist.gov/vuln/detail/CVE-2019-18424\n[ 12 ] CVE-2019-18425\n https://nvd.nist.gov/vuln/detail/CVE-2019-18425\n[ 13 ] CVE-2019-19577\n https://nvd.nist.gov/vuln/detail/CVE-2019-19577\n[ 14 ] CVE-2019-19578\n https://nvd.nist.gov/vuln/detail/CVE-2019-19578\n[ 15 ] CVE-2019-19580\n https://nvd.nist.gov/vuln/detail/CVE-2019-19580\n[ 16 ] CVE-2019-19581\n https://nvd.nist.gov/vuln/detail/CVE-2019-19581\n[ 17 ] CVE-2019-19582\n https://nvd.nist.gov/vuln/detail/CVE-2019-19582\n[ 18 ] CVE-2019-19583\n https://nvd.nist.gov/vuln/detail/CVE-2019-19583\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-56\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: libvirt security update\nAdvisory ID: RHSA-2019:1180-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:1180\nIssue date: 2019-05-14\nCVE Names: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 \n CVE-2019-11091 \n=====================================================================\n\n1. Summary:\n\nAn update for libvirt is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - x86_64\n\n3. Description:\n\nThe libvirt library contains a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems. In\naddition, libvirt provides tools for remote management of virtualized\nsystems. \n\nSecurity Fix(es):\n\n* A flaw was found in the implementation of the \"fill buffer\", a mechanism\nused by modern CPUs when a cache-miss is made on L1 CPU cache. If an\nattacker can generate a load operation that would create a page fault, the\nexecution will continue speculatively with incorrect data from the fill\nbuffer while the data is fetched from higher level caches. This response\ntime can be measured to infer data in the fill buffer. (CVE-2018-12130)\n\n* Modern Intel microprocessors implement hardware-level micro-optimizations\nto improve the performance of writing data back to CPU caches. The write\noperation is split into STA (STore Address) and STD (STore Data)\nsub-operations. These sub-operations allow the processor to hand-off\naddress generation logic into these sub-operations for optimized writes. \nBoth of these sub-operations write to a shared distributed processor\nstructure called the \u0027processor store buffer\u0027. As a result, an unprivileged\nattacker could use this flaw to read private data resident within the CPU\u0027s\nprocessor store buffer. (CVE-2018-12126)\n\n* Microprocessors use a \u2018load port\u2019 subcomponent to perform load operations\nfrom memory or IO. During a load operation, the load port receives data\nfrom the memory or IO subsystem and then provides the data to the CPU\nregisters and operations in the CPU\u2019s pipelines. Stale load operations\nresults are stored in the \u0027load port\u0027 table until overwritten by newer\noperations. Certain load-port operations triggered by an attacker can be\nused to reveal data about previous stale requests leaking data back to the\nattacker via a timing side-channel. (CVE-2019-11091)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, libvirtd will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)\n1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)\n1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)\n1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nlibvirt-0.10.2-64.el6_10.1.src.rpm\n\ni386:\nlibvirt-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-python-0.10.2-64.el6_10.1.i686.rpm\n\nx86_64:\nlibvirt-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-python-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\n\nx86_64:\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nlibvirt-0.10.2-64.el6_10.1.src.rpm\n\nx86_64:\nlibvirt-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-python-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nlibvirt-0.10.2-64.el6_10.1.src.rpm\n\ni386:\nlibvirt-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-python-0.10.2-64.el6_10.1.i686.rpm\n\nppc64:\nlibvirt-0.10.2-64.el6_10.1.ppc64.rpm\nlibvirt-client-0.10.2-64.el6_10.1.ppc.rpm\nlibvirt-client-0.10.2-64.el6_10.1.ppc64.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.ppc.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.ppc64.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.ppc.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.ppc64.rpm\nlibvirt-python-0.10.2-64.el6_10.1.ppc64.rpm\n\ns390x:\nlibvirt-0.10.2-64.el6_10.1.s390x.rpm\nlibvirt-client-0.10.2-64.el6_10.1.s390.rpm\nlibvirt-client-0.10.2-64.el6_10.1.s390x.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.s390.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.s390x.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.s390.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.s390x.rpm\nlibvirt-python-0.10.2-64.el6_10.1.s390x.rpm\n\nx86_64:\nlibvirt-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-python-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nx86_64:\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nlibvirt-0.10.2-64.el6_10.1.src.rpm\n\ni386:\nlibvirt-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-python-0.10.2-64.el6_10.1.i686.rpm\n\nx86_64:\nlibvirt-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-client-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-client-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.i686.rpm\nlibvirt-devel-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-python-0.10.2-64.el6_10.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nx86_64:\nlibvirt-debuginfo-0.10.2-64.el6_10.1.x86_64.rpm\nlibvirt-lock-sanlock-0.10.2-64.el6_10.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-12126\nhttps://access.redhat.com/security/cve/CVE-2018-12127\nhttps://access.redhat.com/security/cve/CVE-2018-12130\nhttps://access.redhat.com/security/cve/CVE-2019-11091\nhttps://access.redhat.com/security/vulnerabilities/mds\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXNsJuNzjgjWX9erEAQhuig/7B0ZCV6Np07w9O5y2hyX9OYuOPTWWOuuj\naR8ndZOC8FCgp630HSEB/Hi17XzCDCYRQusAKcfnSrDIPLJNbr2I0b3RxvXNiKu/\ncfksAhrA6XtdcW4LXSSRvIQGNrBSFGiv1QCYie+ER8JzRCe8+0/K0soMOubg5ZUz\n78TQeK87McXoGPAqlNrDW3h1EGpq6SJDSPJg3Q598L1di4s0HUHthV9HcjXYUlqV\nG2xP1mkq4P6iOmUEqQ45Kq6ntPhFPjaiR/vMz9Tj6B6Kmpb9/IxVpQ84dTideOG9\nad3O1ZPGHchITcKntYZ9IePeIhYoUFeNKccJ9J0h1JvQ7utWmS9j6zBgWmOaReb0\nRbhFggIlHQ9Oxxv/jcEz9eU4n+VzGF+Dzv0lhnFNfE5HTer4YFRI+Fm58SkVb1hO\n3+hIj1sMrIMm86MmCfB/MnmQeSCy8WJRyjUDkbMTAqN6xOAyDfW0h4DKw0YtS6ml\nWeubwvnad9ltJslFUh4XCvKNJmNtC3b1YVehE9LpTRcBwpHr26OBs3iDFvHIU5jh\nmi971Lw8++SZzaYaBEN2+Eop2Dhk2IdMKsFk75OQLdRY94FIZ3hvteOY32tKQBn8\n+Xb+dfrSuoEnzSWULGH5LUxOYKik1SnpHphaCX+SBB3aClvCVOoxig7urLIM89Sq\n71dvSxshwr0=\n=CE4I\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. These\npackages include redhat-release-virtualization-host, ovirt-node, and\nrhev-hypervisor. RHVH features a Cockpit user interface for\nmonitoring the host\u0027s resources and performing administrative tasks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12126"
},
{
"db": "CNVD",
"id": "CNVD-2019-22231"
},
{
"db": "VULHUB",
"id": "VHN-122054"
},
{
"db": "PACKETSTORM",
"id": "152922"
},
{
"db": "PACKETSTORM",
"id": "152925"
},
{
"db": "PACKETSTORM",
"id": "152923"
},
{
"db": "PACKETSTORM",
"id": "152938"
},
{
"db": "PACKETSTORM",
"id": "155281"
},
{
"db": "PACKETSTORM",
"id": "153049"
},
{
"db": "PACKETSTORM",
"id": "152931"
},
{
"db": "PACKETSTORM",
"id": "156920"
},
{
"db": "PACKETSTORM",
"id": "152880"
},
{
"db": "PACKETSTORM",
"id": "152920"
}
],
"trust": 2.43
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-12126",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "155281",
"trust": 1.2
},
{
"db": "MCAFEE",
"id": "SB10292",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-616472",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2019-22231",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "152938",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152922",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152931",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "156920",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152925",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152920",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152923",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152880",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153049",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152899",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152902",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152908",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152891",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152907",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152911",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152919",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153389",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155956",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152904",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152900",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152886",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152896",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152884",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152885",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152882",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152924",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152905",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152916",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152875",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152898",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152894",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152874",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152918",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152895",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152962",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152892",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153248",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152890",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152932",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152888",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152901",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152942",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152926",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152879",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152937",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152887",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152876",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152929",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152921",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153379",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152935",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152906",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152881",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152917",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201905-621",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-122054",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
},
{
"db": "VULHUB",
"id": "VHN-122054"
},
{
"db": "PACKETSTORM",
"id": "152922"
},
{
"db": "PACKETSTORM",
"id": "152925"
},
{
"db": "PACKETSTORM",
"id": "152923"
},
{
"db": "PACKETSTORM",
"id": "152938"
},
{
"db": "PACKETSTORM",
"id": "155281"
},
{
"db": "PACKETSTORM",
"id": "153049"
},
{
"db": "PACKETSTORM",
"id": "152931"
},
{
"db": "PACKETSTORM",
"id": "156920"
},
{
"db": "PACKETSTORM",
"id": "152880"
},
{
"db": "PACKETSTORM",
"id": "152920"
},
{
"db": "NVD",
"id": "CVE-2018-12126"
}
]
},
"id": "VAR-201905-0709",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
},
{
"db": "VULHUB",
"id": "VHN-122054"
}
],
"trust": 1.420027655
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
}
]
},
"last_update_date": "2026-04-10T23:12:45.383000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Patches for multiple Intel Product Information Disclosure Vulnerabilities (CNVD-2019-22231)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/168513"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122054"
},
{
"db": "NVD",
"id": "CVE-2018-12126"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202003-56"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/jun/28"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/jun/36"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/nov/16"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/nov/15"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2020/jan/21"
},
{
"trust": 1.1,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
},
{
"trust": 1.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"trust": 1.1,
"url": "https://www.synology.com/security/advisory/synology_sa_19_24"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2020/dsa-4602"
},
{
"trust": 1.1,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-19:07.mds.asc"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:26.mcu.asc"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/155281/freebsd-security-advisory-freebsd-sa-19-26.mcu.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00018.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1455"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2553"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3977-3/"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12126"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12130"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12127"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/oh73sgtj575obcpsjfx6lx7kp2kzien4/"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10292"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11091"
},
{
"trust": 0.6,
"url": "https://usn.ubuntu.com/3977-1/"
},
{
"trust": 0.4,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/mds"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-11091"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/vulnerabilities/mds"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2018-12127"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2018-12130"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2018-12126"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3882"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3874"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9503"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9500"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10292"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/oh73sgtj575obcpsjfx6lx7kp2kzien4/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.18.0-1014.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.18.0-1016.18"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3980-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.18.0-1012.12"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.18.0-1011.12"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3887"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.18.0-1018.18"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.18.0-20.21"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1207"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1109.117"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-148.174"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1046.52"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1113.118"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1083.93"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3982-1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3981-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-50.54~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1013.15~16.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3981-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1032.34~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1045.49"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12126\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11091\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11139"
},
{
"trust": 0.1,
"url": "https://software.intel.com/security-software-guidance/software-guidance/intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12130\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12127\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5715\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11139\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://blogs.intel.com/technology/2019/11/ipas-november-2019-intel-platform-update-ipu/\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11135\u003e"
},
{
"trust": 0.1,
"url": "https://www.intel.com/content/www/us/en/support/articles/000055650.html\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:26.mcu.asc\u003e"
},
{
"trust": 0.1,
"url": "http://www.intel.com/benchmarks"
},
{
"trust": 0.1,
"url": "http://www.intel.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11091"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.18.10.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.18.04.3"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3977-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.16.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20190514.0ubuntu0.19.04.3"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3977-2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19583"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18423"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19581"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19580"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18425"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19578"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1209"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
},
{
"db": "VULHUB",
"id": "VHN-122054"
},
{
"db": "PACKETSTORM",
"id": "152922"
},
{
"db": "PACKETSTORM",
"id": "152925"
},
{
"db": "PACKETSTORM",
"id": "152923"
},
{
"db": "PACKETSTORM",
"id": "152938"
},
{
"db": "PACKETSTORM",
"id": "155281"
},
{
"db": "PACKETSTORM",
"id": "153049"
},
{
"db": "PACKETSTORM",
"id": "152931"
},
{
"db": "PACKETSTORM",
"id": "156920"
},
{
"db": "PACKETSTORM",
"id": "152880"
},
{
"db": "PACKETSTORM",
"id": "152920"
},
{
"db": "NVD",
"id": "CVE-2018-12126"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-22231",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-122054",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152922",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152925",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152923",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152938",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "155281",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153049",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152931",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "156920",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152880",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "152920",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-12126",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-07-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-22231",
"ident": null
},
{
"date": "2019-05-30T00:00:00",
"db": "VULHUB",
"id": "VHN-122054",
"ident": null
},
{
"date": "2019-05-15T15:38:19",
"db": "PACKETSTORM",
"id": "152922",
"ident": null
},
{
"date": "2019-05-15T15:40:45",
"db": "PACKETSTORM",
"id": "152925",
"ident": null
},
{
"date": "2019-05-15T15:38:53",
"db": "PACKETSTORM",
"id": "152923",
"ident": null
},
{
"date": "2019-05-15T15:49:05",
"db": "PACKETSTORM",
"id": "152938",
"ident": null
},
{
"date": "2019-11-12T21:46:17",
"db": "PACKETSTORM",
"id": "155281",
"ident": null
},
{
"date": "2019-05-23T16:30:58",
"db": "PACKETSTORM",
"id": "153049",
"ident": null
},
{
"date": "2019-05-15T15:45:32",
"db": "PACKETSTORM",
"id": "152931",
"ident": null
},
{
"date": "2020-03-26T14:46:06",
"db": "PACKETSTORM",
"id": "156920",
"ident": null
},
{
"date": "2019-05-15T15:05:39",
"db": "PACKETSTORM",
"id": "152880",
"ident": null
},
{
"date": "2019-05-15T15:37:47",
"db": "PACKETSTORM",
"id": "152920",
"ident": null
},
{
"date": "2019-05-30T16:29:00.870000",
"db": "NVD",
"id": "CVE-2018-12126",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-07-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-22231",
"ident": null
},
{
"date": "2019-06-11T00:00:00",
"db": "VULHUB",
"id": "VHN-122054",
"ident": null
},
{
"date": "2024-11-21T03:44:38.583000",
"db": "NVD",
"id": "CVE-2018-12126",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "152922"
},
{
"db": "PACKETSTORM",
"id": "152923"
},
{
"db": "PACKETSTORM",
"id": "152938"
},
{
"db": "PACKETSTORM",
"id": "153049"
}
],
"trust": 0.4
},
"title": {
"_id": null,
"data": "Multiple Intel Product Information Disclosure Vulnerabilities (CNVD-2019-22231)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22231"
}
],
"trust": 0.6
}
}
VAR-201905-1057
Vulnerability from variot - Updated: 2026-03-09 20:18Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Linux for Intel(R) i915 Graphics Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Linux Kernel is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to to gain elevated privileges. Linux versions prior to 5.0 are vulnerable. (CVE-2018-13053). 7.4) - noarch, x86_64
Bug Fix(es):
- core: backports from upstream (BZ#1794372)
Enhancement(s):
-
Selective backport: perf: Sync with upstream v4.16 (BZ#1782750)
-
8) - aarch64, noarch, ppc64le, s390x, x86_64
Bug Fix(es):
-
[DELL 8.0 z-stream BUG] - "CPU unsupported" message with CFL-H/S 8+2 due to updated Stepping (BZ#1711048)
-
RHEL8.0 Snapshot4 - [LTC Test] Guest crashes during vfio device hot-plug/un-plug operations. (kvm) (BZ#1714746)
-
Using Transactional Memory (TM) in a Guest Locks-up Host Core on a Power9 System (BZ#1714751)
-
VRSAVE register not properly saved and restored (BZ#1714753)
-
Fix potential spectre gadget in arch/s390/kvm/interrupt.c (BZ#1714754)
-
RHEL8.0 RC2 - kernel/KVM - count cache flush Spectre v2 mitigation (required for POWER9 DD2.3) (BZ#1715018)
-
iommu/amd: Set exclusion range correctly (BZ#1715336)
-
RHEL8.0 - sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (BZ#1715337)
-
cross compile builds are broken (BZ#1715339)
-
Patch generated by 'make rh-test-patch' doesn't get applied during build (BZ#1715340)
-
hard lockup panic in during execution of CFS bandwidth period timer (BZ#1715345)
-
perf annotate -P does not give full paths (BZ#1716887)
-
[Dell EMC 8.0 BUG] File system corrupting with I/O Stress on H330 PERC on AMD Systems if IOMMU passthrough is disabled (BZ#1717344)
-
Fix Spectre v1 gadgets in drivers/gpu/drm/drm_bufs.c and drivers/gpu/drm/drm_ioctl.c (BZ#1717382)
-
BUG: SELinux doesn't handle NFS crossmnt well (BZ#1717777)
-
krb5{,i,p} doesn't work with older enctypes on aarch64 (BZ#1717800)
-
[RHEL-8.0][s390x]ltp-lite mtest06 testing hits EWD due to: rcu: INFO: rcu_sched self-detected stall on CPU (BZ#1717801)
-
RHEL 8 Snapshot-6: CN1200E SW iSCSI I/O performance degradation after a SCSI device/target reset rhel-8.0.0.z] (BZ#1717804)
-
dm cache metadata: Fix loading discard bitset (BZ#1717868)
-
jit'd java code on power9 ppc64le experiences stack corruption (BZ#1717869)
-
BUG: connect(AF_UNSPEC, ...) on a connected socket returns an error (BZ#1717870)
-
mm: BUG: unable to handle kernel paging request at 0000000057ac6e9d (BZ#1718237)
-
[HPE 8.0 BUG] DCPMM fsdax boot initialization takes a long time causing auto-mount to fail (BZ#1719635)
-
AMD Rome: WARNING: CPU: 1 PID: 0 at arch/x86/kernel/cpu/mcheck/mce.c:1510 mcheck_cpu_init+0x7a/0x460 (BZ#1721233)
-
[RHEL8.1] AMD Rome: EDAC amd64: Error: F0 not found, device 0x1460 (broken BIOS?) (BZ#1722365)
-
AMD Rome: Intermittent NMI received for unknown reason (BZ#1722367)
-
[DELL 8.0 BUG] - "CPU unsupported" message with WHL-U due to updated Stepping (BZ#1722372)
Enhancement(s):
- RHEL 8 - AMD Rome Support (BZ#1721972)
Users of kernel are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
-
kernel-rt: update to the RHEL7.6.z batch#6 source tree (BZ#1718400)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2019:1873-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1873 Issue date: 2019-07-29 CVE Names: CVE-2018-16871 CVE-2018-16884 CVE-2019-11085 CVE-2019-11811 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Security Fix(es):
-
kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
-
kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085)
-
kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)
-
kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es) and Enhancement(s):
These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/4309211
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-957.27.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm kernel-doc-3.10.0-957.27.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-957.27.2.el7.x86_64.rpm kernel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-headers-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm perf-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-957.27.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm kernel-doc-3.10.0-957.27.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-957.27.2.el7.x86_64.rpm kernel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-headers-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm perf-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-957.27.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm kernel-doc-3.10.0-957.27.2.el7.noarch.rpm
ppc64: kernel-3.10.0-957.27.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-957.27.2.el7.ppc64.rpm kernel-debug-3.10.0-957.27.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-957.27.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-957.27.2.el7.ppc64.rpm kernel-devel-3.10.0-957.27.2.el7.ppc64.rpm kernel-headers-3.10.0-957.27.2.el7.ppc64.rpm kernel-tools-3.10.0-957.27.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-957.27.2.el7.ppc64.rpm perf-3.10.0-957.27.2.el7.ppc64.rpm perf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm python-perf-3.10.0-957.27.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm
ppc64le: kernel-3.10.0-957.27.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debug-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.27.2.el7.ppc64le.rpm kernel-devel-3.10.0-957.27.2.el7.ppc64le.rpm kernel-headers-3.10.0-957.27.2.el7.ppc64le.rpm kernel-tools-3.10.0-957.27.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-957.27.2.el7.ppc64le.rpm perf-3.10.0-957.27.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm python-perf-3.10.0-957.27.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm
s390x: kernel-3.10.0-957.27.2.el7.s390x.rpm kernel-debug-3.10.0-957.27.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.s390x.rpm kernel-debug-devel-3.10.0-957.27.2.el7.s390x.rpm kernel-debuginfo-3.10.0-957.27.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-957.27.2.el7.s390x.rpm kernel-devel-3.10.0-957.27.2.el7.s390x.rpm kernel-headers-3.10.0-957.27.2.el7.s390x.rpm kernel-kdump-3.10.0-957.27.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-957.27.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-957.27.2.el7.s390x.rpm perf-3.10.0-957.27.2.el7.s390x.rpm perf-debuginfo-3.10.0-957.27.2.el7.s390x.rpm python-perf-3.10.0-957.27.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.s390x.rpm
x86_64: bpftool-3.10.0-957.27.2.el7.x86_64.rpm kernel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-headers-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm perf-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: kernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-957.27.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-957.27.2.el7.ppc64.rpm perf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.27.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-957.27.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-957.27.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm kernel-doc-3.10.0-957.27.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-957.27.2.el7.x86_64.rpm kernel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-devel-3.10.0-957.27.2.el7.x86_64.rpm kernel-headers-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm perf-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-16871 https://access.redhat.com/security/cve/CVE-2018-16884 https://access.redhat.com/security/cve/CVE-2019-11085 https://access.redhat.com/security/cve/CVE-2019-11811 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/4309211
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXT8OHtzjgjWX9erEAQjJ6hAAkyTYDPmFaW3TIWmrAC3QWuCJt3uBLlcX GNpw9Uqpj1yCc+ThaYobWnCMiSAFbPSs0A2iZnXiaM+pbsZj2MIfWRoTehoTZFDl 60VRCW4218Id3MYioJgtgyKvGX/Ol1LLlr4VtqIL8sTUZjhV7gqN3wlRvQSHcaOW yIaxzWO+ci8XTQ/glXwpAfmLPsd5urYnU2IyCv+5NDvKl9TFAPFqpS8xWDnQHgT1 o82j4MQhcZPjc0n7iawrLsuCegbyATN17M0JcGi4mdoghkem2X0PWR52cpyN7Isi bF8x4tJv9d3IUp8Wxsk1iz0dl94F4KWJ8sP7+ScT9SForWAss4WZ9s3Kb8z7ouIO zzHW0C3Si2DYXxqgc/H2RAcf31sRxAzltNuiVibAyrW2gKCFw0Cdwy+U3zSloY/M gb3kmQQQlZrezdxvDb/vVqD6jqIhPx4ewUVIBptyvnB7Ax23K00kP6FBZoXGdbhd t/9e+kykPXHyi0UZXBmF/JqTj6Z0X/aA+RoqsZovHZnXZ4hrST8pYxMUsWZ6LT1O sxmMlId4rPN9TgW6CxxziWnMwl4XEjWIby06vxY+tATYCk0LhkOqnQ8FdU/33rYm pI0ov4cV/T5rCBdIvGKDZumykq6eOWfIEVEZA36cs7iBgVCNYocmwKSFEVfJumpP kB2g6E6xyDg=SfsH -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-4068-2 July 23, 2019
linux-hwe, linux-gcp vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11085)
It was discovered that a race condition leading to a use-after-free existed in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11815)
It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833)
It was discovered that the Bluetooth Human Interface Device Protocol (HIDP) implementation in the Linux kernel did not properly verify strings were NULL terminated in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11884)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: linux-image-4.15.0-1037-gcp 4.15.0-1037.39~16.04.1 linux-image-4.15.0-55-generic 4.15.0-55.60~16.04.2 linux-image-4.15.0-55-generic-lpae 4.15.0-55.60~16.04.2 linux-image-4.15.0-55-lowlatency 4.15.0-55.60~16.04.2 linux-image-gcp 4.15.0.1037.51 linux-image-generic-hwe-16.04 4.15.0.55.76 linux-image-generic-lpae-hwe-16.04 4.15.0.55.76 linux-image-gke 4.15.0.1037.51 linux-image-lowlatency-hwe-16.04 4.15.0.55.76 linux-image-oem 4.15.0.55.76 linux-image-virtual-hwe-16.04 4.15.0.55.76
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "i915",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "5.0"
},
{
"_id": null,
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.58"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.62"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.6.2"
},
{
"_id": null,
"model": "kernel 3.6-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.11-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.78"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.128"
},
{
"_id": null,
"model": "kernel 4.11-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.36"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.16"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.80"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.5"
},
{
"_id": null,
"model": "kernel 4.10-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.3"
},
{
"_id": null,
"model": "kernel 4.9-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.13-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.10"
},
{
"_id": null,
"model": "kernel 3.19-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.65"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.7"
},
{
"_id": null,
"model": "kernel 4.4-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.11"
},
{
"_id": null,
"model": "kernel 3.3-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.42"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.45"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.125"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.88"
},
{
"_id": null,
"model": "kernel 4.1-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.48"
},
{
"_id": null,
"model": "kernel 4.7-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.0-57"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63-2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.9"
},
{
"_id": null,
"model": "kernel 4.5-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.14.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.22"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.15"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.13"
},
{
"_id": null,
"model": "kernel 4.10-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.3"
},
{
"_id": null,
"model": "kernel 4.5-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.11"
},
{
"_id": null,
"model": "kernel 3.14-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.12-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4"
},
{
"_id": null,
"model": "kernel 3.10-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.2.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.15"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.4"
},
{
"_id": null,
"model": "enterprise mrg",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.2"
},
{
"_id": null,
"model": "kernel 4.7-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.17"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.34"
},
{
"_id": null,
"model": "kernel 3.14-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.22"
},
{
"_id": null,
"model": "kernel 4.15-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.54"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.11"
},
{
"_id": null,
"model": "kernel 3.19-rc",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.71"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.18"
},
{
"_id": null,
"model": "kernel 3.15-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.87"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.90"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.30"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.29"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.53"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.3"
},
{
"_id": null,
"model": "kernel 4.17-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.19.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.71"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.71"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.67"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.40"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.31"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.26"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.70"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.8"
},
{
"_id": null,
"model": "kernel 4.4-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.15"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.22"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.5"
},
{
"_id": null,
"model": "kernel 3.9-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.5"
},
{
"_id": null,
"model": "kernel 4.9-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.1"
},
{
"_id": null,
"model": "kernel 4.14-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 3.13-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.29"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.105"
},
{
"_id": null,
"model": "kernel 3.14-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.17"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.62"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.2.8"
},
{
"_id": null,
"model": "kernel 4.11-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.24"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.76"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.11"
},
{
"_id": null,
"model": "kernel 3.9-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.24"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.47"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.44"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.27"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.82"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.55"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.91"
},
{
"_id": null,
"model": "kernel 3.8-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.3"
},
{
"_id": null,
"model": "kernel 4.5-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.21"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.81"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.50"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.37"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.3.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.8"
},
{
"_id": null,
"model": "kernel 4.11-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.36"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.59"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.11"
},
{
"_id": null,
"model": "kernel 3.19-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.26"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.16"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.72"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.75"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.66"
},
{
"_id": null,
"model": "kernel 3.15-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.23"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.32"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.64"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.93"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.7"
},
{
"_id": null,
"model": "kernel 3.9-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.11-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.57"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.67"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.21"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.31"
},
{
"_id": null,
"model": "kernel 3.11-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.73"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.28"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.19.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.19"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.19.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.64"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.23"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.56"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.38"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.25"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.25"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.43"
},
{
"_id": null,
"model": "kernel 4.9-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.18"
},
{
"_id": null,
"model": "kernel 3.11-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.44"
},
{
"_id": null,
"model": "kernel 4.4-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.17"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.73"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.27"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.65"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.2"
},
{
"_id": null,
"model": "kernel 3.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "5.0"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.22"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.42"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.30"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4"
},
{
"_id": null,
"model": "kernel 4.16-rc",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.6"
},
{
"_id": null,
"model": "kernel rc7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.3"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "8"
},
{
"_id": null,
"model": "kernel 4.16-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.41"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.26"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.11"
},
{
"_id": null,
"model": "kernel 3.7-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.31"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.18"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.4"
},
{
"_id": null,
"model": "kernel 4.7-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.58"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.2"
},
{
"_id": null,
"model": "kernel 4.18-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.12"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.74"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.6"
},
{
"_id": null,
"model": "kernel 4.13-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.36"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.1"
},
{
"_id": null,
"model": "i915 graphics",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.81"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.72"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.16"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.16"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.38"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.6.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.52"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1.8"
},
{
"_id": null,
"model": "kernel 3.14-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.11"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.14"
},
{
"_id": null,
"model": "kernel 4.3-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.1-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.157"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.19.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.38"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.135"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.51"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.86"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.23"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.21"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.0"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.37"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.54"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.73"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.60"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.13"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.78"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.49"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.7.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.20"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.15"
},
{
"_id": null,
"model": "kernel 4.1-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 3.15-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.58"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.7.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.15"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.5.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.5"
},
{
"_id": null,
"model": "kernel 3.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.72"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.81"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.37"
},
{
"_id": null,
"model": "kernel 4.6-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.11-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.27"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.60"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.1"
},
{
"_id": null,
"model": "kernel 4.11-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.2"
},
{
"_id": null,
"model": "kernel 3.11-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.4"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.0-28"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1"
},
{
"_id": null,
"model": "kernel 3.9-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.17"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.20"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19"
},
{
"_id": null,
"model": "kernel 3.17-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.68"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.79"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.14"
},
{
"_id": null,
"model": "kernel 4.15-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.69"
},
{
"_id": null,
"model": "kernel 4.9-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.45"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.2"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.9"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.6.3"
},
{
"_id": null,
"model": "kernel rc6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.20.5"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.36"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.8"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.98"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.14"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.18.6"
},
{
"_id": null,
"model": "kernel 4.5-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 3.5-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.5"
},
{
"_id": null,
"model": "kernel 4.15-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.10"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.6"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.19"
},
{
"_id": null,
"model": "kernel 4.11-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 3.14-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.1"
},
{
"_id": null,
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.7"
},
{
"_id": null,
"model": "kernel 4.14-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"_id": null,
"model": "kernel 4.16-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "108488"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
},
{
"db": "NVD",
"id": "CVE-2019-11085"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"_id": null,
"data": "Ubuntu,Red Hat,Adam \u0027pi3\u0027 Zabrocki.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-761"
}
],
"trust": 0.6
},
"cve": "CVE-2019-11085",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11085",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-11085",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11085",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-11085",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-761",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-11085",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-11085"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
},
{
"db": "NVD",
"id": "CVE-2019-11085"
}
]
},
"description": {
"_id": null,
"data": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Linux for Intel(R) i915 Graphics Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Linux Kernel is prone to a local privilege-escalation vulnerability. \nAn attacker can exploit this issue to to gain elevated privileges. \nLinux versions prior to 5.0 are vulnerable. (CVE-2018-13053). 7.4) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* core: backports from upstream (BZ#1794372)\n\nEnhancement(s):\n\n* Selective backport: perf: Sync with upstream v4.16 (BZ#1782750)\n\n4. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* [DELL 8.0 z-stream BUG] - \"CPU unsupported\" message with CFL-H/S 8+2 due\nto updated Stepping (BZ#1711048)\n\n* RHEL8.0 Snapshot4 - [LTC Test] Guest crashes during vfio device\nhot-plug/un-plug operations. (kvm) (BZ#1714746)\n\n* Using Transactional Memory (TM) in a Guest Locks-up Host Core on a Power9\nSystem (BZ#1714751)\n\n* VRSAVE register not properly saved and restored (BZ#1714753)\n\n* Fix potential spectre gadget in arch/s390/kvm/interrupt.c (BZ#1714754)\n\n* RHEL8.0 RC2 - kernel/KVM - count cache flush Spectre v2 mitigation\n(required for POWER9 DD2.3) (BZ#1715018)\n\n* iommu/amd: Set exclusion range correctly (BZ#1715336)\n\n* RHEL8.0 - sched/fair: Do not re-read -\u003eh_load_next during hierarchical\nload calculation (BZ#1715337)\n\n* cross compile builds are broken (BZ#1715339)\n\n* Patch generated by \u0027make rh-test-patch\u0027 doesn\u0027t get applied during build\n(BZ#1715340)\n\n* hard lockup panic in during execution of CFS bandwidth period timer\n(BZ#1715345)\n\n* perf annotate -P does not give full paths (BZ#1716887)\n\n* [Dell EMC 8.0 BUG] File system corrupting with I/O Stress on H330 PERC on\nAMD Systems if IOMMU passthrough is disabled (BZ#1717344)\n\n* Fix Spectre v1 gadgets in drivers/gpu/drm/drm_bufs.c and\ndrivers/gpu/drm/drm_ioctl.c (BZ#1717382)\n\n* BUG: SELinux doesn\u0027t handle NFS crossmnt well (BZ#1717777)\n\n* krb5{,i,p} doesn\u0027t work with older enctypes on aarch64 (BZ#1717800)\n\n* [RHEL-8.0][s390x]ltp-lite mtest06 testing hits EWD due to: rcu: INFO:\nrcu_sched self-detected stall on CPU (BZ#1717801)\n\n* RHEL 8 Snapshot-6: CN1200E SW iSCSI I/O performance degradation after a\nSCSI device/target reset rhel-8.0.0.z] (BZ#1717804)\n\n* dm cache metadata: Fix loading discard bitset (BZ#1717868)\n\n* jit\u0027d java code on power9 ppc64le experiences stack corruption\n(BZ#1717869)\n\n* BUG: connect(AF_UNSPEC, ...) on a connected socket returns an error\n(BZ#1717870)\n\n* mm: BUG: unable to handle kernel paging request at 0000000057ac6e9d\n(BZ#1718237)\n\n* [HPE 8.0 BUG] DCPMM fsdax boot initialization takes a long time causing\nauto-mount to fail (BZ#1719635)\n\n* AMD Rome: WARNING: CPU: 1 PID: 0 at arch/x86/kernel/cpu/mcheck/mce.c:1510\nmcheck_cpu_init+0x7a/0x460 (BZ#1721233)\n\n* [RHEL8.1] AMD Rome: EDAC amd64: Error: F0 not found, device 0x1460\n(broken BIOS?) (BZ#1722365)\n\n* AMD Rome: Intermittent NMI received for unknown reason (BZ#1722367)\n\n* [DELL 8.0 BUG] - \"CPU unsupported\" message with WHL-U due to updated\nStepping (BZ#1722372)\n\nEnhancement(s):\n\n* RHEL 8 - AMD Rome Support (BZ#1721972)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix\nthese bugs and add this enhancement. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* kernel-rt: update to the RHEL7.6.z batch#6 source tree (BZ#1718400)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security, bug fix, and enhancement update\nAdvisory ID: RHSA-2019:1873-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:1873\nIssue date: 2019-07-29\nCVE Names: CVE-2018-16871 CVE-2018-16884 CVE-2019-11085\n CVE-2019-11811\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. \n\nSecurity Fix(es):\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* kernel: insufficient input validation in kernel mode driver in Intel i915\ngraphics leads to privilege escalation (CVE-2019-11085)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS message\nsequence (CVE-2018-16871)\n\n* kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c,\nipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es) and Enhancement(s):\n\nThese updated kernel packages include also numerous bug fixes and add\nseveral enhancements. Space precludes documenting all of the bug fixes in\nthis advisory. See the descriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/4309211\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-957.27.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.27.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm\nperf-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-957.27.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.27.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm\nperf-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-957.27.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.27.2.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debug-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-devel-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-headers-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-tools-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-957.27.2.el7.ppc64.rpm\nperf-3.10.0-957.27.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\npython-perf-3.10.0-957.27.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debug-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-devel-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-headers-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-tools-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-957.27.2.el7.ppc64le.rpm\nperf-3.10.0-957.27.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\npython-perf-3.10.0-957.27.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-957.27.2.el7.s390x.rpm\nkernel-debug-3.10.0-957.27.2.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.s390x.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.s390x.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-957.27.2.el7.s390x.rpm\nkernel-devel-3.10.0-957.27.2.el7.s390x.rpm\nkernel-headers-3.10.0-957.27.2.el7.s390x.rpm\nkernel-kdump-3.10.0-957.27.2.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-957.27.2.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-957.27.2.el7.s390x.rpm\nperf-3.10.0-957.27.2.el7.s390x.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.s390x.rpm\npython-perf-3.10.0-957.27.2.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm\nperf-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-957.27.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-957.27.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-957.27.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.27.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.27.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.27.2.el7.x86_64.rpm\nperf-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.27.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.27.2.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-16871\nhttps://access.redhat.com/security/cve/CVE-2018-16884\nhttps://access.redhat.com/security/cve/CVE-2019-11085\nhttps://access.redhat.com/security/cve/CVE-2019-11811\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/4309211\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXT8OHtzjgjWX9erEAQjJ6hAAkyTYDPmFaW3TIWmrAC3QWuCJt3uBLlcX\nGNpw9Uqpj1yCc+ThaYobWnCMiSAFbPSs0A2iZnXiaM+pbsZj2MIfWRoTehoTZFDl\n60VRCW4218Id3MYioJgtgyKvGX/Ol1LLlr4VtqIL8sTUZjhV7gqN3wlRvQSHcaOW\nyIaxzWO+ci8XTQ/glXwpAfmLPsd5urYnU2IyCv+5NDvKl9TFAPFqpS8xWDnQHgT1\no82j4MQhcZPjc0n7iawrLsuCegbyATN17M0JcGi4mdoghkem2X0PWR52cpyN7Isi\nbF8x4tJv9d3IUp8Wxsk1iz0dl94F4KWJ8sP7+ScT9SForWAss4WZ9s3Kb8z7ouIO\nzzHW0C3Si2DYXxqgc/H2RAcf31sRxAzltNuiVibAyrW2gKCFw0Cdwy+U3zSloY/M\ngb3kmQQQlZrezdxvDb/vVqD6jqIhPx4ewUVIBptyvnB7Ax23K00kP6FBZoXGdbhd\nt/9e+kykPXHyi0UZXBmF/JqTj6Z0X/aA+RoqsZovHZnXZ4hrST8pYxMUsWZ6LT1O\nsxmMlId4rPN9TgW6CxxziWnMwl4XEjWIby06vxY+tATYCk0LhkOqnQ8FdU/33rYm\npI0ov4cV/T5rCBdIvGKDZumykq6eOWfIEVEZA36cs7iBgVCNYocmwKSFEVfJumpP\nkB2g6E6xyDg=SfsH\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-4068-2\nJuly 23, 2019\n\nlinux-hwe, linux-gcp vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. This update provides the corresponding updates for the\nLinux Hardware Enablement (HWE) kernel from Ubuntu 18.04 for Ubuntu\n16.04 LTS. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-11085)\n\nIt was discovered that a race condition leading to a use-after-free existed\nin the Reliable Datagram Sockets (RDS) protocol implementation in the Linux\nkernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2019-11815)\n\nIt was discovered that the ext4 file system implementation in the Linux\nkernel did not properly zero out memory in some situations. A local\nattacker could use this to expose sensitive information (kernel memory). \n(CVE-2019-11833)\n\nIt was discovered that the Bluetooth Human Interface Device Protocol (HIDP)\nimplementation in the Linux kernel did not properly verify strings were\nNULL terminated in certain situations. A local attacker could use this to\nexpose sensitive information (kernel memory). (CVE-2019-11884)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n linux-image-4.15.0-1037-gcp 4.15.0-1037.39~16.04.1\n linux-image-4.15.0-55-generic 4.15.0-55.60~16.04.2\n linux-image-4.15.0-55-generic-lpae 4.15.0-55.60~16.04.2\n linux-image-4.15.0-55-lowlatency 4.15.0-55.60~16.04.2\n linux-image-gcp 4.15.0.1037.51\n linux-image-generic-hwe-16.04 4.15.0.55.76\n linux-image-generic-lpae-hwe-16.04 4.15.0.55.76\n linux-image-gke 4.15.0.1037.51\n linux-image-lowlatency-hwe-16.04 4.15.0.55.76\n linux-image-oem 4.15.0.55.76\n linux-image-virtual-hwe-16.04 4.15.0.55.76\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11085"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
},
{
"db": "BID",
"id": "108488"
},
{
"db": "VULMON",
"id": "CVE-2019-11085"
},
{
"db": "PACKETSTORM",
"id": "156527"
},
{
"db": "PACKETSTORM",
"id": "153719"
},
{
"db": "PACKETSTORM",
"id": "153816"
},
{
"db": "PACKETSTORM",
"id": "153787"
},
{
"db": "PACKETSTORM",
"id": "153789"
},
{
"db": "PACKETSTORM",
"id": "153728"
},
{
"db": "PACKETSTORM",
"id": "153828"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2019-11085",
"trust": 3.5
},
{
"db": "BID",
"id": "108488",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156527",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "153719",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0549",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0693",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2155",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2256",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2753",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2231",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2171",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156405",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-11085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153816",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153787",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153789",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153728",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153828",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-11085"
},
{
"db": "BID",
"id": "108488"
},
{
"db": "PACKETSTORM",
"id": "156527"
},
{
"db": "PACKETSTORM",
"id": "153719"
},
{
"db": "PACKETSTORM",
"id": "153816"
},
{
"db": "PACKETSTORM",
"id": "153787"
},
{
"db": "PACKETSTORM",
"id": "153789"
},
{
"db": "PACKETSTORM",
"id": "153728"
},
{
"db": "PACKETSTORM",
"id": "153828"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
},
{
"db": "NVD",
"id": "CVE-2019-11085"
}
]
},
"id": "VAR-201905-1057",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.673523948
},
"last_update_date": "2026-03-09T20:18:18.148000Z",
"patch": {
"_id": null,
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00249",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191873 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191971 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200592 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191891 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200609 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191959 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200543 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux-hwe, linux-gcp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4068-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-gcp, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4068-1"
},
{
"title": "Ubuntu Security Notice: linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4118-1"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-11085"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
},
{
"db": "NVD",
"id": "CVE-2019-11085"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108488"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11085"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4068-2/"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k09376613"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4068-1/"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2019-11085"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2019:1873"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1891"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1959"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1971"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2020:0592"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2020:0543"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2020:0609"
},
{
"trust": 0.9,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/gpu/drm/i915/gvt/kvmgt.c?id=51b00d8509dc69c98740da2ad07308b630d3eb7d"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710405"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11085"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191674-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191671-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191668-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191530-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191529-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191532-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191536-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1103505"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1103493"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1103499"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191550-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191535-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191534-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191533-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191527-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914089-1.html"
},
{
"trust": 0.6,
"url": "https://usn.ubuntu.com/4069-1/"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191581-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191588-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2171/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0693/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/153719/ubuntu-security-notice-usn-4068-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156405/red-hat-security-advisory-2020-0543-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156527/red-hat-security-advisory-2020-0592-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2256/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0549/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2753/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2231/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2155/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11811"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-11811"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11833"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11884"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11815"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4068-1"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-11810"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11810"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20784"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20784"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16871"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-16871"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14895"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17133"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14895"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20976"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-55.60"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1037.39"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1041.44"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1018.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1044.46"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1058.64"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1039.39"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/4309211"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1037.39~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-55.60~16.04.2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4068-2"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-11085"
},
{
"db": "BID",
"id": "108488"
},
{
"db": "PACKETSTORM",
"id": "156527"
},
{
"db": "PACKETSTORM",
"id": "153719"
},
{
"db": "PACKETSTORM",
"id": "153816"
},
{
"db": "PACKETSTORM",
"id": "153787"
},
{
"db": "PACKETSTORM",
"id": "153789"
},
{
"db": "PACKETSTORM",
"id": "153728"
},
{
"db": "PACKETSTORM",
"id": "153828"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721"
},
{
"db": "NVD",
"id": "CVE-2019-11085"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2019-11085",
"ident": null
},
{
"db": "BID",
"id": "108488",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "156527",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153719",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153816",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153787",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153789",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153728",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153828",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004721",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2019-11085",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11085",
"ident": null
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108488",
"ident": null
},
{
"date": "2020-02-25T15:23:08",
"db": "PACKETSTORM",
"id": "156527",
"ident": null
},
{
"date": "2019-07-23T11:11:11",
"db": "PACKETSTORM",
"id": "153719",
"ident": null
},
{
"date": "2019-07-30T18:20:10",
"db": "PACKETSTORM",
"id": "153816",
"ident": null
},
{
"date": "2019-07-29T18:57:00",
"db": "PACKETSTORM",
"id": "153787",
"ident": null
},
{
"date": "2019-07-29T18:57:17",
"db": "PACKETSTORM",
"id": "153789",
"ident": null
},
{
"date": "2019-07-23T19:32:11",
"db": "PACKETSTORM",
"id": "153728",
"ident": null
},
{
"date": "2019-07-30T18:54:20",
"db": "PACKETSTORM",
"id": "153828",
"ident": null
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-761",
"ident": null
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"ident": null
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004721",
"ident": null
},
{
"date": "2019-05-17T16:29:03.063000",
"db": "NVD",
"id": "CVE-2019-11085",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-05-31T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11085",
"ident": null
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108488",
"ident": null
},
{
"date": "2020-02-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-761",
"ident": null
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"ident": null
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004721",
"ident": null
},
{
"date": "2024-11-21T04:20:30.507000",
"db": "NVD",
"id": "CVE-2019-11085",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "BID",
"id": "108488"
},
{
"db": "PACKETSTORM",
"id": "153719"
},
{
"db": "PACKETSTORM",
"id": "153728"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761"
}
],
"trust": 1.1
},
"title": {
"_id": null,
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "108488"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-761"
}
],
"trust": 0.9
}
}
VAR-201905-1177
Vulnerability from variot - Updated: 2024-11-23 21:22Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. Intel(R) AMT Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An out-of-bounds write vulnerability exists in a subsystem in Intel AMT. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Intel AMT versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, and versions prior to 12.0.35
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1177",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0096",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-0096",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "VHN-140127",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2019-0096",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0096",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0096",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-0096",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-745",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-140127",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0096",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140127"
},
{
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-745"
},
{
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. Intel(R) AMT Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An out-of-bounds write vulnerability exists in a subsystem in Intel AMT. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Intel AMT versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, and versions prior to 12.0.35",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0096"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "VULHUB",
"id": "VHN-140127"
},
{
"db": "VULMON",
"id": "CVE-2019-0096"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0096",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-745",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140127",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0096",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140127"
},
{
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-745"
},
{
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"id": "VAR-201905-1177",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140127"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:22:24.149000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140127"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k84591451"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0096"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0096"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140127"
},
{
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-745"
},
{
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140127"
},
{
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-745"
},
{
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140127"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-745"
},
{
"date": "2019-05-17T16:29:01.283000",
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-140127"
},
{
"date": "2023-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0096"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004705"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-745"
},
{
"date": "2024-11-21T04:16:13.373000",
"db": "NVD",
"id": "CVE-2019-0096"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-745"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-745"
}
],
"trust": 0.6
}
}
VAR-201905-1176
Vulnerability from variot - Updated: 2024-11-23 21:18Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. Intel(R) AMT Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Intel AMT versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, and versions prior to 12.0.35
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1176",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
}
]
},
"cve": "CVE-2019-0094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2019-0094",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-140125",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-0094",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-0094",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0094",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0094",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-746",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140125",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2019-0094",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140125"
},
{
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-746"
},
{
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. Intel(R) AMT Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Intel AMT versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, and versions prior to 12.0.35",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "VULHUB",
"id": "VHN-140125"
},
{
"db": "VULMON",
"id": "CVE-2019-0094"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0094",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-746",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140125",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0094",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140125"
},
{
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-746"
},
{
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"id": "VAR-201905-1176",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140125"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:18:58.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140125"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k84591451"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0094"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0094"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140125"
},
{
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-746"
},
{
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140125"
},
{
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-746"
},
{
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140125"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-746"
},
{
"date": "2019-05-17T16:29:01.203000",
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-140125"
},
{
"date": "2023-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0094"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004704"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-746"
},
{
"date": "2024-11-21T04:16:13.243000",
"db": "NVD",
"id": "CVE-2019-0094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-746"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel(R) AMT Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004704"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-746"
}
],
"trust": 0.6
}
}
VAR-201905-1182
Vulnerability from variot - Updated: 2024-11-23 21:17A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Intel Graphics Driver Contains a race condition vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. Intel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. The vulnerability stems from the improper handling of concurrent access when concurrent codes need to access shared resources mutually exclusive during the running of the network system or product
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1182",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.33.4578"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.31.4414"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.28.4332"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.26.4294"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.46.4885"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.43.4425"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.45.4653"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.34.4889"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.10.5069"
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.14.5067"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5057"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5056"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5067"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5069"
}
],
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konstantin Wurster, and an Intel partner.",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0114",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CVE-2019-0114",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "VHN-140145",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.0,
"id": "CVE-2019-0114",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0114",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0114",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-751",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140145",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140145"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
},
{
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Intel Graphics Driver Contains a race condition vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. \nIntel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. The vulnerability stems from the improper handling of concurrent access when concurrent codes need to access shared resources mutually exclusive during the running of the network system or product",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0114"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "VULHUB",
"id": "VHN-140145"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0114",
"trust": 2.8
},
{
"db": "BID",
"id": "108385",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-26295",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140145",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140145"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
},
{
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"id": "VAR-201905-1182",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140145"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:17:36.912000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00218",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140145"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108385"
},
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0114"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0114"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26295"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140145"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
},
{
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140145"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
},
{
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140145"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-751"
},
{
"date": "2019-05-17T16:29:01.610000",
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-140145"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004714"
},
{
"date": "2019-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-751"
},
{
"date": "2024-11-21T04:16:15.390000",
"db": "NVD",
"id": "CVE-2019-0114"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competition condition problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-751"
}
],
"trust": 0.6
}
}
VAR-201905-0872
Vulnerability from variot - Updated: 2024-11-23 21:13Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) CSME Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A buffer overflow vulnerability exists in the subsystems of Intel CSME versions 12.0.0 to 12.0.34. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0872",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "12.0.0 to 12.0.34"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0153",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-0153",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-140184",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0153",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0153",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-0153",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-754",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-140184",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-0153",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140184"
},
{
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-754"
},
{
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) CSME Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A buffer overflow vulnerability exists in the subsystems of Intel CSME versions 12.0.0 to 12.0.34. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0153"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "VULHUB",
"id": "VHN-140184"
},
{
"db": "VULMON",
"id": "CVE-2019-0153"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0153",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-754",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2211",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18591",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140184",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0153",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140184"
},
{
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-754"
},
{
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"id": "VAR-201905-0872",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140184"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:13:03.400000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140184"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k71265658"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0153"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0153"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k10522033"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k21423526"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2211/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
},
{
"trust": 0.1,
"url": "https://support.hp.com//us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140184"
},
{
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-754"
},
{
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140184"
},
{
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-754"
},
{
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140184"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-754"
},
{
"date": "2019-05-17T16:29:02.093000",
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-140184"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0153"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004647"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-754"
},
{
"date": "2024-11-21T04:16:21.310000",
"db": "NVD",
"id": "CVE-2019-0153"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-754"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-754"
}
],
"trust": 0.6
}
}
VAR-201905-0865
Vulnerability from variot - Updated: 2024-11-23 21:02Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. Intel Quartus The software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Quartus Software is a set of software for hardware programming developed by Intel Corporation of the United States. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0865",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "quartus prime",
"scope": null,
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "18.1"
},
{
"model": "quartus ii",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "9.1"
},
{
"model": "quartus prime",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "15.1"
},
{
"model": "quartus ii",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "15.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0171",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0171",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140202",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0171",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0171",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-0171",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-757",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-140202",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140202"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-757"
},
{
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. Intel Quartus The software contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Quartus Software is a set of software for hardware programming developed by Intel Corporation of the United States. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0171"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "VULHUB",
"id": "VHN-140202"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0171",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-757",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-18592",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140202",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140202"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-757"
},
{
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"id": "VAR-201905-0865",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140202"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:02:41.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00244",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140202"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k33245306"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0171"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0171"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140202"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-757"
},
{
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140202"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-757"
},
{
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140202"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-757"
},
{
"date": "2019-05-17T16:29:02.220000",
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140202"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004719"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-757"
},
{
"date": "2024-11-21T04:16:24.123000",
"db": "NVD",
"id": "CVE-2019-0171"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-757"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-757"
}
],
"trust": 0.6
}
}
VAR-201905-1184
Vulnerability from variot - Updated: 2024-11-23 21:01An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access. Intel Graphics Driver Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. Intel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. KMD is one of the input modules. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1184",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.33.4578"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.31.4414"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.28.4332"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.26.4294"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.46.4885"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.43.4425"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.45.4653"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.34.4889"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.10.5069"
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.14.5067"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5057"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5056"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5067"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5069"
}
],
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konstantin Wurster, and an Intel partner.",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0116",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0116",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-140147",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0116",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0116",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0116",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-762",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140147",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
},
{
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access. Intel Graphics Driver Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. \nIntel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. KMD is one of the input modules. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0116"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "VULHUB",
"id": "VHN-140147"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0116",
"trust": 2.8
},
{
"db": "BID",
"id": "108385",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-26295",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140147",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140147"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
},
{
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"id": "VAR-201905-1184",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140147"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:01:00.624000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00218",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108385"
},
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0116"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0116"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26295"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140147"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
},
{
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140147"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
},
{
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140147"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-762"
},
{
"date": "2019-05-17T16:29:01.737000",
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-140147"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004716"
},
{
"date": "2019-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-762"
},
{
"date": "2024-11-21T04:16:15.620000",
"db": "NVD",
"id": "CVE-2019-0116"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-762"
}
],
"trust": 0.6
}
}
VAR-201905-1180
Vulnerability from variot - Updated: 2024-11-23 21:00Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) SPS Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Server Platform Services (SPS) is a server platform service program of Intel Corporation. Permission and access control issues exist in subsystems of Intel SPS versions prior to SPS_E3_05.00.04.027.0. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1180",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "server platform services",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "sps_e3_05.00.04.027.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0099",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0099",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140130",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-0099",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0099",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0099",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-748",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140130",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0099",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140130"
},
{
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-748"
},
{
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) SPS Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Server Platform Services (SPS) is a server platform service program of Intel Corporation. Permission and access control issues exist in subsystems of Intel SPS versions prior to SPS_E3_05.00.04.027.0. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0099"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "VULHUB",
"id": "VHN-140130"
},
{
"db": "VULMON",
"id": "CVE-2019-0099"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0099",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-748",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18586",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140130",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0099",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140130"
},
{
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-748"
},
{
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"id": "VAR-201905-1180",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140130"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T21:00:00.244000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140130"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k30105730"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0099"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0099"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140130"
},
{
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-748"
},
{
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140130"
},
{
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-748"
},
{
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140130"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-748"
},
{
"date": "2019-05-17T16:29:01.500000",
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140130"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0099"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004708"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-748"
},
{
"date": "2024-11-21T04:16:13.720000",
"db": "NVD",
"id": "CVE-2019-0099"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-748"
}
],
"trust": 0.6
}
}
VAR-201905-0868
Vulnerability from variot - Updated: 2024-11-23 20:55Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access. plural Intel The product contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. Attackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. are all products of Intel Corporation of the United States. Intel Pentium Processor J Series is a Pentium (Pentium) J series CPU (central processing unit). Intel Pentium Processor N Series is a Pentium (Pentium) N series CPU (central processing unit). Intel Celeron J Series is a Celeron J-series CPU (Central Processing Unit). The silicon reference firmware in several Intel products has an access control error vulnerability. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0868",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "atom x5-e3940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x7-e3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "n5000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2830",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver j5005",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "j4205",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3355",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3350",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "j3710",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3455",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver n5000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom 330",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4105",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x5-e3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2840",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "j5005",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3160",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3060",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "n3530",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "n3540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom 230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4005",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4005",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4105",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4000",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4100",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "j3710",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "j4205",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "j5005",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "n3530",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "n3540",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "n5000",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon scalable processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon d processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium silver processor series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute module",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e3900 series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0120",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0120",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-140151",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0120",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0120",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0120",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-767",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140151",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140151"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
},
{
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access. plural Intel The product contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. are all products of Intel Corporation of the United States. Intel Pentium Processor J Series is a Pentium (Pentium) J series CPU (central processing unit). Intel Pentium Processor N Series is a Pentium (Pentium) N series CPU (central processing unit). Intel Celeron J Series is a Celeron J-series CPU (Central Processing Unit). The silicon reference firmware in several Intel products has an access control error vulnerability. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "VULHUB",
"id": "VHN-140151"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0120",
"trust": 2.8
},
{
"db": "BID",
"id": "108485",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-26294",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140151",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140151"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
},
{
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"id": "VAR-201905-0868",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140151"
}
],
"trust": 0.797873084
},
"last_update_date": "2024-11-23T20:55:58.442000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00223",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140151"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108485"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k29002929"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0120"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.9,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0120"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26294"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140151"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
},
{
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140151"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
},
{
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140151"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-767"
},
{
"date": "2019-05-17T16:29:01.843000",
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140151"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004717"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-767"
},
{
"date": "2024-11-21T04:16:16.273000",
"db": "NVD",
"id": "CVE-2019-0120"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-767"
}
],
"trust": 0.6
}
}
VAR-201905-1252
Vulnerability from variot - Updated: 2024-11-23 20:54Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access. Intel Driver & Support Assistant is an Intel driver and support management tool from Intel Corporation. This tool is mainly used to get the latest applications provided by Intel. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1252",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "driver \\\u0026 support assistant",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "19.3.12.3"
},
{
"model": "driver and support assistant",
"scope": "lte",
"trust": 0.8,
"vendor": "intel",
"version": "19.3.12.3"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
}
]
},
"cve": "CVE-2019-11114",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11114",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-142728",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.8,
"id": "CVE-2019-11114",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11114",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-11114",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-768",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142728",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142728"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-768"
},
{
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access. Intel Driver \u0026 Support Assistant is an Intel driver and support management tool from Intel Corporation. This tool is mainly used to get the latest applications provided by Intel. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11114"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "VULHUB",
"id": "VHN-142728"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11114",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-768",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-18583",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-142728",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142728"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-768"
},
{
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"id": "VAR-201905-1252",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142728"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T20:54:04.611000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00252",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142728"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11114"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11114"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142728"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-768"
},
{
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142728"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-768"
},
{
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-142728"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-768"
},
{
"date": "2019-05-17T16:29:03.313000",
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-142728"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004709"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-768"
},
{
"date": "2024-11-21T04:20:33.813000",
"db": "NVD",
"id": "CVE-2019-11114"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-768"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel(R) Driver \u0026 Support Assistant Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004709"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-768"
}
],
"trust": 0.6
}
}
VAR-201905-1175
Vulnerability from variot - Updated: 2024-11-23 20:42Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) CSME and SPS Contains an information disclosure vulnerability.Information may be obtained. Both Intel Converged Security and Management Engine (CSME) and Intel Server Platform Services (SPS) are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services is a server platform service program. The HECI subsystem is one of the host embedded controller interface subsystems. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. The following products and versions are affected: Intel CSME versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, versions prior to 12.0.35; Intel SPS versions prior to SPS_E3_05.00.04.027.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.0"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.0"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "12.0.35"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0093",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140124",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0093",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0093",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0093",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-744",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140124",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2019-0093",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140124"
},
{
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-744"
},
{
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) CSME and SPS Contains an information disclosure vulnerability.Information may be obtained. Both Intel Converged Security and Management Engine (CSME) and Intel Server Platform Services (SPS) are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services is a server platform service program. The HECI subsystem is one of the host embedded controller interface subsystems. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. The following products and versions are affected: Intel CSME versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, versions prior to 12.0.35; Intel SPS versions prior to SPS_E3_05.00.04.027.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "VULHUB",
"id": "VHN-140124"
},
{
"db": "VULMON",
"id": "CVE-2019-0093"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0093",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-744",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2184",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18587",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140124",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0093",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140124"
},
{
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-744"
},
{
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"id": "VAR-201905-1175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140124"
}
],
"trust": 0.7550199566666667
},
"last_update_date": "2024-11-23T20:42:05.341000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140124"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://support.f5.com/csp/article/k13710800"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0093"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0093"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2184/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140124"
},
{
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-744"
},
{
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140124"
},
{
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-744"
},
{
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140124"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-744"
},
{
"date": "2019-05-17T16:29:01.140000",
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140124"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0093"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004744"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-744"
},
{
"date": "2024-11-21T04:16:13.127000",
"db": "NVD",
"id": "CVE-2019-0093"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-744"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-744"
}
],
"trust": 0.6
}
}
VAR-201905-1174
Vulnerability from variot - Updated: 2024-11-23 20:41Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) AMT Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in a subsystem in Intel AMT. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Intel AMT versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, and versions prior to 12.0.35
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1174",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0092",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0092",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140123",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-0092",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0092",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0092",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0092",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-743",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140123",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0092",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140123"
},
{
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-743"
},
{
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) AMT Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in a subsystem in Intel AMT. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: Intel AMT versions prior to 11.8.65, versions prior to 11.11.65, versions prior to 11.22.65, and versions prior to 12.0.35",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0092"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "VULHUB",
"id": "VHN-140123"
},
{
"db": "VULMON",
"id": "CVE-2019-0092"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0092",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-743",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140123",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0092",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140123"
},
{
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-743"
},
{
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"id": "VAR-201905-1174",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140123"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T20:41:47.375000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140123"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k84591451"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0092"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0092"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140123"
},
{
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-743"
},
{
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140123"
},
{
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-743"
},
{
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140123"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-743"
},
{
"date": "2019-05-17T16:29:01.080000",
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-140123"
},
{
"date": "2023-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0092"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004703"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-743"
},
{
"date": "2024-11-21T04:16:13.003000",
"db": "NVD",
"id": "CVE-2019-0092"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-743"
}
],
"trust": 0.6
}
}
VAR-201905-1172
Vulnerability from variot - Updated: 2024-11-23 20:41Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) CSME and SPS Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) and others are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services (SPS) is a server platform service program. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). An access control error vulnerability exists in subsystems in several Intel products. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: Intel CSME before 11.x, before 12.0.35; TXE before 3.x, before 4.x; SPS before 3.x, before 4.x, SPS_E3_05.00.04 Versions prior to .027.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1172",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "server platform services",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "sps_e3_05.00.04.027.0"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "12.0.35"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0090",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2019-0090",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0090",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-140121",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"id": "CVE-2019-0090",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0090",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0090",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-0090",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-741",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-140121",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0090",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140121"
},
{
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-741"
},
{
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) CSME and SPS Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) and others are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services (SPS) is a server platform service program. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). An access control error vulnerability exists in subsystems in several Intel products. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: Intel CSME before 11.x, before 12.0.35; TXE before 3.x, before 4.x; SPS before 3.x, before 4.x, SPS_E3_05.00.04 Versions prior to .027.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0090"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "VULHUB",
"id": "VHN-140121"
},
{
"db": "VULMON",
"id": "CVE-2019-0090"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0090",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-741",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18579",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140121",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0090",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140121"
},
{
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-741"
},
{
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"id": "VAR-201905-1172",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140121"
}
],
"trust": 0.7550199566666667
},
"last_update_date": "2024-11-23T20:41:24.951000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2020/03/05/unfixable_intel_csme_flaw/"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
},
{
"title": "WikipediaScraper",
"trust": 0.1,
"url": "https://github.com/engstrar/WikipediaScraper "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140121"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k59145983"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0090"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0090"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/engstrar/wikipediascraper"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140121"
},
{
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-741"
},
{
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140121"
},
{
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-741"
},
{
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140121"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-741"
},
{
"date": "2019-05-17T16:29:00.937000",
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140121"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0090"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004743"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-741"
},
{
"date": "2024-11-21T04:16:12.770000",
"db": "NVD",
"id": "CVE-2019-0090"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-741"
}
],
"trust": 0.6
}
}
VAR-201905-1181
Vulnerability from variot - Updated: 2024-11-23 20:29Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Intel Graphics Driver Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. Intel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1181",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.33.4578"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.31.4414"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.28.4332"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.26.4294"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.46.4885"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.43.4425"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.45.4653"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.34.4889"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.10.5069"
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.14.5067"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5057"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5056"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5067"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5069"
}
],
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konstantin Wurster, and an Intel partner.",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0113",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0113",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-140144",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0113",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0113",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0113",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-750",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140144",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140144"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
},
{
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Intel Graphics Driver Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. \nIntel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0113"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "VULHUB",
"id": "VHN-140144"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0113",
"trust": 2.8
},
{
"db": "BID",
"id": "108385",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-26295",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140144",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140144"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
},
{
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"id": "VAR-201905-1181",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140144"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T20:29:54.417000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00218",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140144"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108385"
},
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0113"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0113"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26295"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140144"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
},
{
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140144"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
},
{
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140144"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-750"
},
{
"date": "2019-05-17T16:29:01.563000",
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-140144"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004713"
},
{
"date": "2019-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-750"
},
{
"date": "2024-11-21T04:16:15.280000",
"db": "NVD",
"id": "CVE-2019-0113"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-750"
}
],
"trust": 0.6
}
}
VAR-201905-1251
Vulnerability from variot - Updated: 2024-11-23 20:28Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. This tool is mainly used to get the latest applications provided by Intel. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1251",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "driver \\\u0026 support assistant",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "19.3.12.3"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": "lte",
"trust": 0.8,
"vendor": "intel",
"version": "19.3.12.3"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-11095",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11095",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142707",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-11095",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11095",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-11095",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-766",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142707",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142707"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-766"
},
{
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. This tool is mainly used to get the latest applications provided by Intel. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11095"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "VULHUB",
"id": "VHN-142707"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11095",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-766",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-18582",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-142707",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142707"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-766"
},
{
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"id": "VAR-201905-1251",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142707"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T20:28:43.641000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00252",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142707"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k05525310"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11095"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11095"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142707"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-766"
},
{
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142707"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-766"
},
{
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-142707"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-766"
},
{
"date": "2019-05-17T16:29:03.237000",
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-142707"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004710"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-766"
},
{
"date": "2024-11-21T04:20:31.693000",
"db": "NVD",
"id": "CVE-2019-11095"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-766"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-766"
}
],
"trust": 0.6
}
}
VAR-201905-1179
Vulnerability from variot - Updated: 2024-11-23 20:22Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) CSME and TXE Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). Vulnerabilities in permissions and access control issues exist in the subsystems of Intel CSME versions prior to 12.0.35 and Intel TXE versions prior to 3.1.65 and 4.0.15. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "trusted execution engine",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "3.1.65"
},
{
"model": "trusted execution engine",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "4.0.15"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.10"
},
{
"model": "trusted execution engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "3.0"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.20"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "trusted execution engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "4.0"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "converged security management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0098",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0098",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-140129",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-0098",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0098",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0098",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-749",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140129",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-0098",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140129"
},
{
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-749"
},
{
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) CSME and TXE Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). Vulnerabilities in permissions and access control issues exist in the subsystems of Intel CSME versions prior to 12.0.35 and Intel TXE versions prior to 3.1.65 and 4.0.15. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0098"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "VULHUB",
"id": "VHN-140129"
},
{
"db": "VULMON",
"id": "CVE-2019-0098"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0098",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-749",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2211",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18585",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140129",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0098",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140129"
},
{
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-749"
},
{
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"id": "VAR-201905-1179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140129"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T20:22:33.311000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140129"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k10522033"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0098"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0098"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k71265658"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k21423526"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2211/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140129"
},
{
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-749"
},
{
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140129"
},
{
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-749"
},
{
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140129"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-749"
},
{
"date": "2019-05-17T16:29:01.423000",
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140129"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0098"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004707"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-749"
},
{
"date": "2024-11-21T04:16:13.603000",
"db": "NVD",
"id": "CVE-2019-0098"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-749"
}
],
"trust": 0.6
}
}
VAR-201905-0867
Vulnerability from variot - Updated: 2024-11-23 20:21Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. plural Intel The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. Attackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. Intel Server Board, etc. are all products of Intel Corporation of the United States. Intel Server Board is a server motherboard. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor D Family is a Xeon D series server central processing unit (CPU). A buffer overflow vulnerability exists in the system firmware of several Intel products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. A local attacker could exploit this vulnerability to elevate a new server and/or cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0867",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xeon gold processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bps24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2142it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600jfq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1567",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpq24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2123it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600st",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1571",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2400lp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1521",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1533n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1523n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600bp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp24sr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2183it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2191",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon bronze processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s1200sp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kpfr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600wpq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2146nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1531",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600kp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2187nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1541",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mfs5520vir",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600tp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600jf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600wt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s7200ap",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1543n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1548",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1513n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1529",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mfs2600ki",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2166nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600cw",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpfr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpblc",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1539",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1577",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mfs5000si",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1537",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpblc24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200aprl",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tpnr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2145nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server system s9200wk",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "server board s2600wf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpb",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1557",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600wpf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200apr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2163it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1559",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1527",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200apl",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2161i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600wp",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600jff",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp24str",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kpf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600kpr",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2143it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpb24",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bpq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1528",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns7200ap",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600bps",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2173it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1553n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "hns2600tp24r",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon scalable processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon d processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium silver processor series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute module",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e3900 series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0119",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0119",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-140150",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0119",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0119",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0119",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-763",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140150",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. plural Intel The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. Intel Server Board, etc. are all products of Intel Corporation of the United States. Intel Server Board is a server motherboard. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor D Family is a Xeon D series server central processing unit (CPU). A buffer overflow vulnerability exists in the system firmware of several Intel products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. A local attacker could exploit this vulnerability to elevate a new server and/or cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0119"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "VULHUB",
"id": "VHN-140150"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0119",
"trust": 2.8
},
{
"db": "BID",
"id": "108485",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2047",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26294",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140150",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"id": "VAR-201905-0867",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
}
],
"trust": 0.797873084
},
"last_update_date": "2024-11-23T20:21:11.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00223",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108485"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k85585101"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0119"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.9,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0119"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2047/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26294"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140150"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140150"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"date": "2019-05-17T16:29:01.783000",
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-140150"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004739"
},
{
"date": "2019-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-763"
},
{
"date": "2024-11-21T04:16:16.060000",
"db": "NVD",
"id": "CVE-2019-0119"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-763"
}
],
"trust": 0.6
}
}
VAR-201905-0871
Vulnerability from variot - Updated: 2024-11-23 20:11Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) ACU Wizard Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Intel Products are prone to multiple local privilege-escalation vulnerabilities. Local attackers can exploit these issues to gain elevated privileges. Intel ACU Wizard is an AMT configuration utility developed by Intel Corporation. Permission and access control issues exist in Intel ACU Wizard 12.0.0.129 and earlier versions. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0871",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acu wizard",
"scope": "lte",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.0.129"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "setup and configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1123"
},
{
"model": "setup and configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "12.0.0.129"
},
{
"model": "setup and configuration software",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "12.1.0.87"
}
],
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marius Gabriel Mihai",
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0138",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0138",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140169",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0138",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0138",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-0138",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-753",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-140169",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140169"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
},
{
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) ACU Wizard Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Intel Products are prone to multiple local privilege-escalation vulnerabilities. \nLocal attackers can exploit these issues to gain elevated privileges. Intel ACU Wizard is an AMT configuration utility developed by Intel Corporation. Permission and access control issues exist in Intel ACU Wizard 12.0.0.129 and earlier versions. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0138"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "VULHUB",
"id": "VHN-140169"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0138",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "BID",
"id": "108565",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-18588",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140169",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140169"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
},
{
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"id": "VAR-201905-0871",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140169"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T20:11:24.671000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00234",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140169"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0138"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0138"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/108565"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140169"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
},
{
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140169"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
},
{
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140169"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108565"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-753"
},
{
"date": "2019-05-17T16:29:02.047000",
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140169"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108565"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004657"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-753"
},
{
"date": "2024-11-21T04:16:18.753000",
"db": "NVD",
"id": "CVE-2019-0138"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-753"
}
],
"trust": 0.6
}
}
VAR-201905-0869
Vulnerability from variot - Updated: 2024-11-23 20:10Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. Attackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor D Family is a Xeon D series server central processing unit (CPU). The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0869",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xeon gold processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1513n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2142it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2166nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1539",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1567",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1577",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2123it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1571",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1537",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2145nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1521",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1533n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1523n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1557",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2183it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2191",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon bronze processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2163it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1559",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1527",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2161i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2146nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1531",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2187nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum processors",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2143it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1541",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1528",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1543n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1529",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1548",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2173it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1553n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon scalable processors",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon d processor",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium silver processor series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute module",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e3900 series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0126",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0126",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-140157",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0126",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0126",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0126",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-752",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140157",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-0126",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140157"
},
{
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
},
{
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel Unified Extensible Firmware Interface is prone to multiple security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges and execute arbitrary code to cause denial-of-service conditions on the affected device. Intel Xeon Scalable Processors are a scalable server central processing unit (CPU). Intel Xeon Processor D Family is a Xeon D series server central processing unit (CPU). The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0126"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "VULHUB",
"id": "VHN-140157"
},
{
"db": "VULMON",
"id": "CVE-2019-0126"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0126",
"trust": 2.9
},
{
"db": "BID",
"id": "108485",
"trust": 2.1
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2048",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26294",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18584",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140157",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0126",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140157"
},
{
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
},
{
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"id": "VAR-201905-0869",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140157"
}
],
"trust": 0.797873084
},
"last_update_date": "2024-11-23T20:10:09.445000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00223",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03617 rev. 4 - Intel UEFI System Firmware Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=b0413432f47d216ea618a3e80ce26619"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03617 rev. 4 - Intel UEFI System Firmware Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=08e377565fb7f0ab3c26bbc2a0fc9135"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140157"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/108485"
},
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k37428370"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0126"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.9,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0126"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2048/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26294"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com//us-en/document/c06330147"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140157"
},
{
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
},
{
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140157"
},
{
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"db": "BID",
"id": "108485"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
},
{
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140157"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-752"
},
{
"date": "2019-05-17T16:29:01.923000",
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-140157"
},
{
"date": "2021-06-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0126"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108485"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004718"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-752"
},
{
"date": "2024-11-21T04:16:17.373000",
"db": "NVD",
"id": "CVE-2019-0126"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108485"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-752"
}
],
"trust": 0.6
}
}
VAR-201905-1173
Vulnerability from variot - Updated: 2024-11-23 20:02Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. Intel(R) CSME and TXE Contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). A code injection vulnerability exists in the installer in Intel CSME and Intel TXE. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing code segments from external input data. Attackers can exploit this vulnerability to generate illegal code segments and modify the expected execution control flow of network systems or components. The following products and versions are affected: Intel CSME versions before 11.8.65, versions before 11.11.65, versions before 11.22.65, versions before 12.0.35; Intel TXE versions 3.1.65 and 4.0.15
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0"
},
{
"model": "trusted execution technology",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "3.1.65"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.0"
},
{
"model": "trusted execution technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "4.0"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.0"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "trusted execution technology",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "4.0.15"
},
{
"model": "converged security and management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "trusted execution technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "3.1.0"
},
{
"model": "converged security and management engine",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "11.22.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "11.11.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "11.22.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "11.8.65"
},
{
"model": "converged security management engine",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "trusted execution engine interface",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "3.1.65"
},
{
"model": "trusted execution engine interface",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "4.0.15"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0091",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0091",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-140122",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0091",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0091",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-0091",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-742",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-140122",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-0091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140122"
},
{
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-742"
},
{
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. Intel(R) CSME and TXE Contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). A code injection vulnerability exists in the installer in Intel CSME and Intel TXE. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing code segments from external input data. Attackers can exploit this vulnerability to generate illegal code segments and modify the expected execution control flow of network systems or components. The following products and versions are affected: Intel CSME versions before 11.8.65, versions before 11.11.65, versions before 11.22.65, versions before 12.0.35; Intel TXE versions 3.1.65 and 4.0.15",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0091"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "VULHUB",
"id": "VHN-140122"
},
{
"db": "VULMON",
"id": "CVE-2019-0091"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0091",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-742",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2211",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-18578",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140122",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0091",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140122"
},
{
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-742"
},
{
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"id": "VAR-201905-1173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140122"
}
],
"trust": 0.7550199566666667
},
"last_update_date": "2024-11-23T20:02:07.074000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140122"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k21423526"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0091"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0091"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k71265658"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k10522033"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2211/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140122"
},
{
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-742"
},
{
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140122"
},
{
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-742"
},
{
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140122"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-742"
},
{
"date": "2019-05-17T16:29:01.017000",
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-140122"
},
{
"date": "2019-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0091"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004742"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-742"
},
{
"date": "2024-11-21T04:16:12.890000",
"db": "NVD",
"id": "CVE-2019-0091"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-742"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-742"
}
],
"trust": 0.6
}
}
VAR-201905-1183
Vulnerability from variot - Updated: 2024-11-23 19:59Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access. Intel Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. Intel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. KMD is one of the input modules. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1183",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.33.4578"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.31.4414"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.28.4332"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.26.4294"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.46.4885"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.43.4425"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.33.45.4653"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "15.36.34.4889"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.10.5069"
},
{
"model": "graphics driver",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "10.18.14.5067"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5057"
},
{
"model": "graphics driver",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5056"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.36.x.5067"
},
{
"model": "graphics driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "15.33.x.5069"
}
],
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konstantin Wurster, and an Intel partner.",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0115",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0115",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-140146",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0115",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0115",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0115",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-755",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140146",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140146"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
},
{
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access. Intel Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. \nIntel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. KMD is one of the input modules. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0115"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "VULHUB",
"id": "VHN-140146"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0115",
"trust": 2.8
},
{
"db": "BID",
"id": "108385",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-26295",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140146",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140146"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
},
{
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"id": "VAR-201905-1183",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140146"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T19:59:24.849000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00218",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140146"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108385"
},
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0115"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0115"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26295"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140146"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
},
{
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140146"
},
{
"db": "BID",
"id": "108385"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
},
{
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140146"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-755"
},
{
"date": "2019-05-17T16:29:01.673000",
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-140146"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108385"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004715"
},
{
"date": "2019-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-755"
},
{
"date": "2024-11-21T04:16:15.500000",
"db": "NVD",
"id": "CVE-2019-0115"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108385"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-755"
}
],
"trust": 0.6
}
}
VAR-201905-0864
Vulnerability from variot - Updated: 2024-11-23 19:58Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) DAL Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Dynamic Application Loader (DAL) is a dynamic application loader from Intel Corporation. The product supports running Java code on CSME firmware. A buffer overflow vulnerability exists in the subsystems of Intel DAL prior to 12.0.35. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0864",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "converged security management engine",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": "lt",
"trust": 0.8,
"vendor": "intel",
"version": "12.0.35"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-0170",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0170",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140201",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0170",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0170",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0170",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-756",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140201",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0170",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140201"
},
{
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-756"
},
{
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) DAL Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Dynamic Application Loader (DAL) is a dynamic application loader from Intel Corporation. The product supports running Java code on CSME firmware. A buffer overflow vulnerability exists in the subsystems of Intel DAL prior to 12.0.35. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0170"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "VULHUB",
"id": "VHN-140201"
},
{
"db": "VULMON",
"id": "CVE-2019-0170"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0170",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-756",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140201",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0170",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140201"
},
{
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-756"
},
{
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"id": "VAR-201905-0864",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140201"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T19:58:58.251000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140201"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k51470205"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0170"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0170"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140201"
},
{
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-756"
},
{
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140201"
},
{
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-756"
},
{
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140201"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-756"
},
{
"date": "2019-05-17T16:29:02.173000",
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-140201"
},
{
"date": "2019-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0170"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004645"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-756"
},
{
"date": "2024-11-21T04:16:24.007000",
"db": "NVD",
"id": "CVE-2019-0170"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-756"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-756"
}
],
"trust": 0.6
}
}
VAR-201905-1250
Vulnerability from variot - Updated: 2024-11-23 19:54Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1250",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nuc kit",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"cve": "CVE-2019-11094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11094",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142706",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-11094",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11094",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-11094",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-765",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142706",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-11094",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142706"
},
{
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-765"
},
{
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "VULHUB",
"id": "VHN-142706"
},
{
"db": "VULMON",
"id": "CVE-2019-11094"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11094",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-765",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-142706",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-11094",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142706"
},
{
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-765"
},
{
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"id": "VAR-201905-1250",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142706"
}
],
"trust": 0.7034239516666667
},
"last_update_date": "2024-11-23T19:54:31.086000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00251",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-patches-high-severity-flaw-in-processor-diagnostic-tool/146352/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-patches-nuc-firmware/145620/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11094"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11094"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-patches-high-severity-flaw-in-processor-diagnostic-tool/146352/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142706"
},
{
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-765"
},
{
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142706"
},
{
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-765"
},
{
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-142706"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-765"
},
{
"date": "2019-05-17T16:29:03.187000",
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-142706"
},
{
"date": "2019-05-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11094"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004711"
},
{
"date": "2019-05-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-765"
},
{
"date": "2024-11-21T04:20:31.577000",
"db": "NVD",
"id": "CVE-2019-11094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-765"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-765"
}
],
"trust": 0.6
}
}
VAR-201905-1249
Vulnerability from variot - Updated: 2024-11-23 19:49Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Multiple Intel Products are prone to multiple local privilege-escalation vulnerabilities. Local attackers can exploit these issues to gain elevated privileges. Intel SCS Discovery Utility is a utility program of Intel Corporation for obtaining detailed data about Intel AMT. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1249",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scs discovery utility",
"scope": "lte",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.0.129"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "setup and configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1123"
},
{
"model": "setup and configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "12.0.0.129"
},
{
"model": "setup and configuration software",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "12.1.0.87"
}
],
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marius Gabriel Mihai",
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
],
"trust": 0.9
},
"cve": "CVE-2019-11093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11093",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142705",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-11093",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11093",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-11093",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-764",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142705",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Multiple Intel Products are prone to multiple local privilege-escalation vulnerabilities. \nLocal attackers can exploit these issues to gain elevated privileges. Intel SCS Discovery Utility is a utility program of Intel Corporation for obtaining detailed data about Intel AMT. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11093"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "VULHUB",
"id": "VHN-142705"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11093",
"trust": 2.8
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "BID",
"id": "108565",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-18581",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-142705",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"id": "VAR-201905-1249",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T19:49:26.435000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "INTEL-SA-00234",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11093"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11093"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/108565"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142705"
},
{
"db": "BID",
"id": "108565"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
},
{
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-142705"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108565"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-764"
},
{
"date": "2019-05-17T16:29:03.110000",
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-142705"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108565"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004712"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-764"
},
{
"date": "2024-11-21T04:20:31.473000",
"db": "NVD",
"id": "CVE-2019-11093"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108565"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-764"
}
],
"trust": 0.6
}
}
VAR-201905-1178
Vulnerability from variot - Updated: 2024-11-23 19:42Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. Intel(R) AMT Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in subsystems in versions prior to Intel AMT 12.0.35. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1178",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active management technology",
"scope": "lt",
"trust": 1.8,
"vendor": "intel",
"version": "12.0.35"
},
{
"model": "active management technology",
"scope": "gte",
"trust": 1.0,
"vendor": "intel",
"version": "12.0.20"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
}
]
},
"cve": "CVE-2019-0097",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-0097",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-140128",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2019-0097",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0097",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0097",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-747",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140128",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0097",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140128"
},
{
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-747"
},
{
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. Intel(R) AMT Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. An input validation error vulnerability exists in subsystems in versions prior to Intel AMT 12.0.35. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0097"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "VULHUB",
"id": "VHN-140128"
},
{
"db": "VULMON",
"id": "CVE-2019-0097"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0097",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-747",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-140128",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0097",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140128"
},
{
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-747"
},
{
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"id": "VAR-201905-1178",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140128"
}
],
"trust": 0.773523948
},
"last_update_date": "2024-11-23T19:42:52.780000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140128"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k84591451"
},
{
"trust": 1.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0097"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0097"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140128"
},
{
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-747"
},
{
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140128"
},
{
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-747"
},
{
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140128"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-747"
},
{
"date": "2019-05-17T16:29:01.360000",
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-140128"
},
{
"date": "2023-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0097"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004706"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-747"
},
{
"date": "2024-11-21T04:16:13.490000",
"db": "NVD",
"id": "CVE-2019-0097"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-747"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel(R) AMT Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004706"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-747"
}
],
"trust": 0.6
}
}
VAR-201905-1171
Vulnerability from variot - Updated: 2024-11-23 19:41Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) SPS Contains a data processing vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Server Platform Services are prone to an local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. A code issue vulnerability exists in subsystems in Intel SPS. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products. The following products and versions are affected: Intel SPS versions prior to SPS_E5_04.00.04.381.0, versions prior to SPS_E3_04.01.04.054.0, versions prior to SPS_SoC-A_04.00.04.181.0, versions prior to SPS_SoC-X_04.00.04.086.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1171",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "server platform services",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "sps_soc-a_04.00.04.181.0"
},
{
"model": "server platform services",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "sps_e3_04.01.04.054.0"
},
{
"model": "server platform services",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "sps_soc-x_04.00.04.086.0"
},
{
"model": "server platform services",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "sps_e5_04.00.04.381.0"
},
{
"model": "acu wizard",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "converged security management engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "driver and support assistant",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dynamic application loader",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "i915",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc board nuc7i7dnbe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i5dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnhe",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc7i7dnke",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hnk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit nuc8i7hvk",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus ii programmer and tools",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution engine",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "quartus prime",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "scs discovery utility",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "unite client",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "graphics driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "server platform services",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "sps_e3_04.01.04.054.0"
},
{
"model": "server platform services",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "sps_e5_04.00.04.381.0"
},
{
"model": "server platform services",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "sps_soc-a_04.00.04.181.0"
},
{
"model": "server platform services",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "sps_soc-x_04.00.04.086.0"
},
{
"model": "server platform services",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "traffix sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1"
},
{
"model": "traffix sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0"
},
{
"model": "server platform services sps soc-x 04.00.04.0",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "server platform services sps soc-a 04.00.04.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "server platform services sps e5 04.00.04.381.",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "server platform services sps e3 04.01.04.054.",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "108826"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:acu_wizard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:active_management_technology_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:converged_security_management_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:driver_%26_support_assistant",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:dynamic_application_loader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:i915_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:boardnuc7i7dnbe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i5dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc7i7dnke",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hnk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc8i7hvk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_ii_programmer_and_tools",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:server_platform_services_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_engine_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:quartus_prime",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:scs_discovery_utility",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:Unite_Client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:graphics_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "108826"
}
],
"trust": 0.3
},
"cve": "CVE-2019-0089",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0089",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-140120",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-0089",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0089",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0089",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-740",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140120",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0089",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140120"
},
{
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-740"
},
{
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) SPS Contains a data processing vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Server Platform Services are prone to an local privilege-escalation vulnerability. \nA local attacker can exploit this issue to gain elevated privileges. A code issue vulnerability exists in subsystems in Intel SPS. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products. The following products and versions are affected: Intel SPS versions prior to SPS_E5_04.00.04.381.0, versions prior to SPS_E3_04.01.04.054.0, versions prior to SPS_SoC-A_04.00.04.181.0, versions prior to SPS_SoC-X_04.00.04.086.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0089"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "BID",
"id": "108826"
},
{
"db": "VULHUB",
"id": "VHN-140120"
},
{
"db": "VULMON",
"id": "CVE-2019-0089"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0089",
"trust": 2.9
},
{
"db": "JVN",
"id": "JVNVU92328381",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-740",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ASB-2019.0148.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2186",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-26293",
"trust": 0.6
},
{
"db": "BID",
"id": "108826",
"trust": 0.3
},
{
"db": "CNVD",
"id": "CNVD-2020-18580",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-140120",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-0089",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140120"
},
{
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"db": "BID",
"id": "108826"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-740"
},
{
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"id": "VAR-201905-1171",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140120"
}
],
"trust": 0.7220338466666667
},
"last_update_date": "2024-11-23T19:41:14.771000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
},
{
"title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
},
{
"title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
},
{
"title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
},
{
"title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
},
{
"title": "INTEL-SA-00251 - IntelR NUC Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
},
{
"title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
},
{
"title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
},
{
"title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
},
{
"title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
},
{
"title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
},
{
"title": "HP: HPSBHF03616 rev. 1 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03616"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=fd8d8d147c2dc58a9552ea19a80369fe"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03616 rev. 4 - Intel 2019.1 CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=36bdf366c0b633d1ee0c20eab22574bc"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-19",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://support.f5.com/csp/article/k47234311"
},
{
"trust": 2.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0089"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/index.html"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/ridl.pdf"
},
{
"trust": 0.8,
"url": "https://mdsattacks.com/files/fallout.pdf"
},
{
"trust": 0.8,
"url": "https://zombieloadattack.com/"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0089"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92328381/"
},
{
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/solutions/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0148.2/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-26293"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2186/"
},
{
"trust": 0.3,
"url": "http://www.intel.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/19.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
},
{
"trust": 0.1,
"url": "https://support.hp.com/us-en/document/c06330088"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140120"
},
{
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"db": "BID",
"id": "108826"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-740"
},
{
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140120"
},
{
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"db": "BID",
"id": "108826"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-740"
},
{
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-140120"
},
{
"date": "2019-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108826"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"date": "2019-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-740"
},
{
"date": "2019-05-17T16:29:00.860000",
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-140120"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0089"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108826"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003441"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004745"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-740"
},
{
"date": "2024-11-21T04:16:12.653000",
"db": "NVD",
"id": "CVE-2019-0089"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108826"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-740"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-740"
}
],
"trust": 0.6
}
}