var-202205-1013
Vulnerability from variot
Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1013", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "optane ssd 905p", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "fw600" }, { "model": "optane memory h10 with solid state storage", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "tgf061k" }, { "model": "optane memory h20 with solid state storage", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "pgf028k" }, { "model": "optane ssd p5800x", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "l0310200" }, { "model": "optane ssd dc p4801x", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "e2010600" }, { "model": "optane ssd 900p", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "fw600" }, { "model": "optane ssd dc p4800x", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "e2010600" }, { "model": "optane ssd dc p4800x", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "optane ssd p5800x", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "optane memory h10 with solid state storage", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "optane ssd dc p4801x", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "intel optane ssd 905p", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "intel optane ssd 900p", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null }, { "model": "optane memory h20 with solid state storage", "scope": null, "trust": 0.8, "vendor": "\u30a4\u30f3\u30c6\u30eb", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "NVD", "id": "CVE-2021-33080" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "e2010600", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "e2010600", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "l0310200", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "pgf028k", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "tgf061k", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "fw600", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "fw600", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-33080" } ] }, "cve": "CVE-2021-33080", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.6, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2021-33080", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Physical", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.8, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-33080", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-33080", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202205-3142", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-33080", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-33080" }, { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "NVD", "id": "CVE-2021-33080" }, { "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2021-33080" }, { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "VULMON", "id": "CVE-2021-33080" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-33080", "trust": 3.3 }, { "db": "JVN", "id": "JVNVU93344744", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-019620", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202205-3142", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-33080", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-33080" }, { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "NVD", "id": "CVE-2021-33080" }, { "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "id": "VAR-202205-1013", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.15757576 }, "last_update_date": "2023-12-18T11:00:48.340000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Multiple Intel Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=193821" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/intel-memory-bug-poses-risk-for-hundreds-of-products/179595/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2022/05/12/intel_product_bugs/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-33080" }, { "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-212", "trust": 1.0 }, { "problemtype": "Improper removal of important information prior to storage or transfer (CWE-212) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "NVD", "id": "CVE-2021-33080" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html" }, { "trust": 1.6, "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/solidigm%20sa-000563%20rev1.1.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu93344744/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33080" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-33080/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://threatpost.com/intel-memory-bug-poses-risk-for-hundreds-of-products/179595/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-33080" }, { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "NVD", "id": "CVE-2021-33080" }, { "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2021-33080" }, { "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "db": "NVD", "id": "CVE-2021-33080" }, { "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-12T00:00:00", "db": "VULMON", "id": "CVE-2021-33080" }, { "date": "2023-08-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "date": "2022-05-12T17:15:09.087000", "db": "NVD", "id": "CVE-2021-33080" }, { "date": "2022-05-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-23T00:00:00", "db": "VULMON", "id": "CVE-2021-33080" }, { "date": "2023-08-07T08:16:00", "db": "JVNDB", "id": "JVNDB-2021-019620" }, { "date": "2022-10-07T13:58:36.250000", "db": "NVD", "id": "CVE-2021-33080" }, { "date": "2022-09-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-3142" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerability regarding deletion of sensitive information before storage or transfer in multiple Intel products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-019620" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-3142" } ], "trust": 0.6 } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…