Vulnerability CVE-2019-0174

Vulnerability CVE-2019-0174

Published: 2019-06-13

Description:

Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
2.1/10	2.9/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	None	None

Affected software
Intel -> E5-1680 firmware
Intel -> E5-2643 firmware
Intel -> E5-2699 firmware
Intel -> E7-8867 firmware
Intel -> I3-4100e firmware
Intel -> I3-4170t firmware
Intel -> I5-4202y firmware
Intel -> I5-4310m firmware
Intel -> I5-4460t firmware
Intel -> 3805u firmware
Intel -> E3-1270 firmware
Intel -> E5-2408l firmware
Intel -> E5-2648l firmware
Intel -> E5-4610 firmware
Intel -> E7-8870 firmware
Intel -> I3-4100m firmware
Intel -> I3-4330 firmware
Intel -> I5-4210h firmware
Intel -> I5-4310u firmware
Intel -> I7-7800x firmware
Intel -> 2000e firmware
Intel -> 3825u firmware
Intel -> E3-1271 firmware
Intel -> E5-2418l firmware
Intel -> E5-2650 firmware
Intel -> E5-4620 firmware
Intel -> E7-8880 firmware
Intel -> I3-4100u firmware
Intel -> I3-4330t firmware
Intel -> I5-4210m firmware
Intel -> I5-4330m firmware
Intel -> I7-7820x firmware
Intel -> 2002e firmware
Intel -> E3-1220 firmware
Intel -> E3-1275 firmware
Intel -> E5-2428l firmware
Intel -> E5-2650l firmware
Intel -> E5-4627 firmware
Intel -> E7-8880l firmware
Intel -> I3-4102e firmware
Intel -> I3-4330te firmware
Intel -> I5-4210u firmware
Intel -> I5-4340m firmware
Intel -> I9-7900x firmware
Intel -> 2950m firmware
Intel -> E3-1220l firmware
Intel -> E3-1275l firmware
Intel -> E5-2438l firmware
Intel -> E5-2658 firmware
Intel -> E5-4640 firmware
Intel -> E7-8890 firmware
Intel -> I3-4110e firmware
Intel -> I3-4340 firmware
Intel -> I5-4210y firmware
Intel -> I5-4350u firmware
Intel -> I9-7920x firmware
Intel -> 2955u firmware
Intel -> E3-1225 firmware
Intel -> E3-1276 firmware
Intel -> E5-2603 firmware
Intel -> E5-2658a firmware
Intel -> E5-4648 firmware
Intel -> E7-8891 firmware
Intel -> I3-4110m firmware
Intel -> I3-4340te firmware
Intel -> I5-4220y firmware
Intel -> I5-4360u firmware
Intel -> I9-7940x firmware
Intel -> 2957u firmware
Intel -> E3-1226 firmware
Intel -> E3-1280 firmware
Intel -> E5-2608l firmware
Intel -> E5-2660 firmware
Intel -> E5-4650 firmware
Intel -> E7-8893 firmware
Intel -> I3-4112e firmware
Intel -> I3-4350 firmware
Intel -> I5-4250u firmware
Intel -> I5-4400e firmware
Intel -> I9-7960x firmware
Intel -> 2961y firmware
Intel -> E3-1230 firmware
Intel -> E3-1281 firmware
Intel -> E5-2609 firmware
Intel -> E5-2667 firmware
Intel -> E5-4655 firmware
Intel -> I3-4000m firmware
Intel -> I3-4120u firmware
Intel -> I3-4350t firmware
Intel -> I5-4258u firmware
Intel -> I5-4402e firmware
Intel -> I9-7980xe firmware
Intel -> 2970m firmware
Intel -> E3-1230l firmware
Intel -> E3-1285 firmware
Intel -> E5-2618l firmware
Intel -> E5-2670 firmware
Intel -> E5-4660 firmware
Intel -> I3-4005u firmware
Intel -> I3-4130 firmware

References:

http://www.securityfocus.com/bid/108731

https://security.netapp.com/advisory/ntap-20190612-0001/

https://support.lenovo.com/us/en/product_security/LEN-27842

https://www.intel.com/content/www/us/en/security-center/advisory/in

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html

Vulnerability CVE-2019-0174

Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.

CWE-200

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)

2.1/10

2.9/10

3.9/10

Local

Low

No required

Partial

None

None

Affected software

References: