CVE-2021-33117

Опубликовано: 12 мая 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

Ссылки

https://security.netapp.com/advisory/ntap-20220818-0001/
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html
Vendor Advisory
https://security.netapp.com/advisory/ntap-20220818-0001/
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:intel:bios:*:*:*:*:*:*:*:*

Версия до mr7 (исключая)

Одно из

cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:netapp:fas\/aff_bios:-:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00136

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2021-33117

CVSS3: 5.5

ubuntu

больше 3 лет назад

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

CVE-2021-33117

CVSS3: 6.5

redhat

больше 3 лет назад

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

CVE-2021-33117

CVSS3: 5.5

debian

больше 3 лет назад

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scala ...

GHSA-fmf3-xj8j-qrw9

CVSS3: 5.5

github

больше 3 лет назад

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

BDU:2022-05180

CVSS3: 5.5

fstec

больше 3 лет назад

Уязвимость системы BIOS микропрограммного обеспечения процессоров Intel, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 34%

0.00136

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other