Vulnerability CVE-2019-0126


Published: 2019-05-17

Description:
Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Intel -> Xeon d-2161i firmware 
Intel -> Xeon processor d-1528 firmware 
Intel -> Xeon silver processors firmware 
Intel -> Xeon bronze processors firmware 
Intel -> Xeon d-2163it firmware 
Intel -> Xeon processor d-1529 firmware 
Intel -> Xeon d-1602 firmware 
Intel -> Xeon d-2166nt firmware 
Intel -> Xeon processor d-1531 firmware 
Intel -> Xeon d-1622 firmware 
Intel -> Xeon d-2173it firmware 
Intel -> Xeon processor d-1533n firmware 
Intel -> Xeon d-1623n firmware 
Intel -> Xeon d-2177nt firmware 
Intel -> Xeon processor d-1537 firmware 
Intel -> Xeon d-1627 firmware 
Intel -> Xeon d-2183it firmware 
Intel -> Xeon processor d-1539 firmware 
Intel -> Xeon d-1633n firmware 
Intel -> Xeon d-2187nt firmware 
Intel -> Xeon processor d-1540 firmware 
Intel -> Xeon d-1637 firmware 
Intel -> Xeon d-2191 firmware 
Intel -> Xeon processor d-1541 firmware 
Intel -> Xeon d-1649n firmware 
Intel -> Xeon gold processors firmware 
Intel -> Xeon processor d-1543n firmware 
Intel -> Xeon d-1653n firmware 
Intel -> Xeon platinum processors firmware 
Intel -> Xeon processor d-1548 firmware 
Intel -> Xeon d-2123it firmware 
Intel -> Xeon processor d-1513n firmware 
Intel -> Xeon processor d-1553n firmware 
Intel -> Xeon d-2141i firmware 
Intel -> Xeon processor d-1518 firmware 
Intel -> Xeon processor d-1557 firmware 
Intel -> Xeon d-2142it firmware 
Intel -> Xeon processor d-1520 firmware 
Intel -> Xeon processor d-1559 firmware 
Intel -> Xeon d-2143it firmware 
Intel -> Xeon processor d-1521 firmware 
Intel -> Xeon processor d-1567 firmware 
Intel -> Xeon d-2145nt firmware 
Intel -> Xeon processor d-1523n firmware 
Intel -> Xeon processor d-1571 firmware 
Intel -> Xeon d-2146nt firmware 
Intel -> Xeon processor d-1527 firmware 
Intel -> Xeon processor d-1577 firmware 

 References:
http://www.securityfocus.com/bid/108485
https://support.f5.com/csp/article/K37428370
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html

Copyright 2024, cxsecurity.com

 

Back to Top