Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-3615 (GCVE-0-2018-3615)
Vulnerability from cvelistv5 – Published: 2018-08-14 19:00 – Updated: 2024-09-16 19:40
VLAI?
EPSS
Summary
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Multiple |
Affected:
Multiple
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:50:30.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#982149",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"name": "105080",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://foreshadowattack.eu/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multiple",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Multiple"
}
]
}
],
"datePublic": "2018-08-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-08T12:06:06.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "VU#982149",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"name": "105080",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://foreshadowattack.eu/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-08-14T00:00:00",
"ID": "CVE-2018-3615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple",
"version": {
"version_data": [
{
"version_value": "Multiple"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#982149",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041451"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"name": "105080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105080"
},
{
"name": "https://foreshadowattack.eu/",
"refsource": "MISC",
"url": "https://foreshadowattack.eu/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"name": "https://support.f5.com/csp/article/K35558453",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_45",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
"refsource": "CONFIRM",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-3615",
"datePublished": "2018-08-14T19:00:00.000Z",
"dateReserved": "2017-12-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:40:45.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CNVD-2018-15496
Vulnerability from cnvd - Published: 2018-08-16
VLAI Severity ?
Title
Intel CPU Foreshadow(预兆)漏洞
Description
L1终端故障(SGX)漏洞主要存在支持Intel SGX(软件保护扩展)技术的型号CPU中,漏洞命名为:Foreshadow(预兆),利用推测执行侧信道攻击,具有本地用户访问权限的攻击者可以实现未经授权读取到L1缓存中的数据,从而触发信息泄露效果,可能导致独立主机和云平台主机内存信息被未经授权读取。
Severity
中
Patch Name
Intel CPU Foreshadow(预兆)漏洞的补丁
Patch Description
L1终端故障(SGX)漏洞主要存在支持Intel SGX(软件保护扩展)技术的型号CPU中,漏洞命名为:Foreshadow(预兆),利用推测执行侧信道攻击,具有本地用户访问权限的攻击者可以实现未经授权读取到L1缓存中的数据,从而触发信息泄露效果,可能导致独立主机和云平台主机内存信息被未经授权读取。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可联系供应商获得补丁信息: https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
Reference
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
Impacted products
| Name | ['Intel 8th generation Intel® Core™ processors', 'Intel 7th generation Intel® Core™ processors', 'Intel 6th generation Intel® Core™ processors', 'Intel Intel® Xeon® Processor E3 v5 Family', 'Intel Intel® Xeon® Processor E3 v6 Family'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-3615"
}
},
"description": "L1\u7ec8\u7aef\u6545\u969c\uff08SGX\uff09\u6f0f\u6d1e\u4e3b\u8981\u5b58\u5728\u652f\u6301Intel SGX\uff08\u8f6f\u4ef6\u4fdd\u62a4\u6269\u5c55\uff09\u6280\u672f\u7684\u578b\u53f7CPU\u4e2d\uff0c\u6f0f\u6d1e\u547d\u540d\u4e3a\uff1aForeshadow\uff08\u9884\u5146\uff09\uff0c\u5229\u7528\u63a8\u6d4b\u6267\u884c\u4fa7\u4fe1\u9053\u653b\u51fb\uff0c\u5177\u6709\u672c\u5730\u7528\u6237\u8bbf\u95ee\u6743\u9650\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u5b9e\u73b0\u672a\u7ecf\u6388\u6743\u8bfb\u53d6\u5230L1\u7f13\u5b58\u4e2d\u7684\u6570\u636e\uff0c\u4ece\u800c\u89e6\u53d1\u4fe1\u606f\u6cc4\u9732\u6548\u679c\uff0c\u53ef\u80fd\u5bfc\u81f4\u72ec\u7acb\u4e3b\u673a\u548c\u4e91\u5e73\u53f0\u4e3b\u673a\u5185\u5b58\u4fe1\u606f\u88ab\u672a\u7ecf\u6388\u6743\u8bfb\u53d6\u3002",
"discovererName": "Intel",
"formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-15496",
"openTime": "2018-08-16",
"patchDescription": "L1\u7ec8\u7aef\u6545\u969c\uff08SGX\uff09\u6f0f\u6d1e\u4e3b\u8981\u5b58\u5728\u652f\u6301Intel SGX\uff08\u8f6f\u4ef6\u4fdd\u62a4\u6269\u5c55\uff09\u6280\u672f\u7684\u578b\u53f7CPU\u4e2d\uff0c\u6f0f\u6d1e\u547d\u540d\u4e3a\uff1aForeshadow\uff08\u9884\u5146\uff09\uff0c\u5229\u7528\u63a8\u6d4b\u6267\u884c\u4fa7\u4fe1\u9053\u653b\u51fb\uff0c\u5177\u6709\u672c\u5730\u7528\u6237\u8bbf\u95ee\u6743\u9650\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u5b9e\u73b0\u672a\u7ecf\u6388\u6743\u8bfb\u53d6\u5230L1\u7f13\u5b58\u4e2d\u7684\u6570\u636e\uff0c\u4ece\u800c\u89e6\u53d1\u4fe1\u606f\u6cc4\u9732\u6548\u679c\uff0c\u53ef\u80fd\u5bfc\u81f4\u72ec\u7acb\u4e3b\u673a\u548c\u4e91\u5e73\u53f0\u4e3b\u673a\u5185\u5b58\u4fe1\u606f\u88ab\u672a\u7ecf\u6388\u6743\u8bfb\u53d6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Intel CPU Foreshadow\uff08\u9884\u5146\uff09\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Intel 8th generation Intel\u00ae Core\u2122 processors",
"Intel 7th generation Intel\u00ae Core\u2122 processors",
"Intel 6th generation Intel\u00ae Core\u2122 processors",
"Intel Intel\u00ae Xeon\u00ae Processor E3 v5 Family",
"Intel Intel\u00ae Xeon\u00ae Processor E3 v6 Family"
]
},
"referenceLink": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
"serverity": "\u4e2d",
"submitTime": "2018-08-16",
"title": "Intel CPU Foreshadow\uff08\u9884\u5146\uff09\u6f0f\u6d1e"
}
GHSA-9W6J-7396-JGW4
Vulnerability from github – Published: 2022-05-13 01:20 – Updated: 2022-05-13 01:20
VLAI?
Details
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Severity ?
6.4 (Medium)
{
"affected": [],
"aliases": [
"CVE-2018-3615"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-08-14T19:29:00Z",
"severity": "MODERATE"
},
"details": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.",
"id": "GHSA-9w6j-7396-jgw4",
"modified": "2022-05-13T01:20:08Z",
"published": "2022-05-13T01:20:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3615"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"type": "WEB",
"url": "https://foreshadowattack.eu"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"type": "WEB",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180815-0001"
},
{
"type": "WEB",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"type": "WEB",
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"type": "WEB",
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"type": "WEB",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105080"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041451"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2018-3615
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-3615",
"description": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.",
"id": "GSD-2018-3615",
"references": [
"https://www.suse.com/security/cve/CVE-2018-3615.html",
"https://advisories.mageia.org/CVE-2018-3615.html",
"https://security.archlinux.org/CVE-2018-3615",
"https://alas.aws.amazon.com/cve/html/CVE-2018-3615.html",
"https://linux.oracle.com/cve/CVE-2018-3615.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-3615"
],
"details": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.",
"id": "GSD-2018-3615",
"modified": "2023-12-13T01:22:43.095049Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-08-14T00:00:00",
"ID": "CVE-2018-3615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple",
"version": {
"version_data": [
{
"version_value": "Multiple"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#982149",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "1041451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041451"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"name": "105080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105080"
},
{
"name": "https://foreshadowattack.eu/",
"refsource": "MISC",
"url": "https://foreshadowattack.eu/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"name": "https://support.f5.com/csp/article/K35558453",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_45",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
"refsource": "CONFIRM",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2018-3615"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"name": "1041451",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"name": "105080",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"name": "https://foreshadowattack.eu/",
"refsource": "MISC",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://foreshadowattack.eu/"
},
{
"name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_45",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"name": "https://support.f5.com/csp/article/K35558453",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"name": "VU#982149",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 4.7
}
},
"lastModifiedDate": "2020-08-24T17:37Z",
"publishedDate": "2018-08-14T19:29Z"
}
}
}
FKIE_CVE-2018-3615
Vulnerability from fkie_nvd - Published: 2018-08-14 19:29 - Updated: 2024-11-21 04:05
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | http://support.lenovo.com/us/en/solutions/LEN-24163 | Third Party Advisory | |
| secure@intel.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en | Third Party Advisory | |
| secure@intel.com | http://www.securityfocus.com/bid/105080 | Third Party Advisory, VDB Entry | |
| secure@intel.com | http://www.securitytracker.com/id/1041451 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf | ||
| secure@intel.com | https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf | ||
| secure@intel.com | https://foreshadowattack.eu/ | Technical Description, Third Party Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html | ||
| secure@intel.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008 | Third Party Advisory | |
| secure@intel.com | https://security.netapp.com/advisory/ntap-20180815-0001/ | Third Party Advisory | |
| secure@intel.com | https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault | Mitigation, Vendor Advisory | |
| secure@intel.com | https://support.f5.com/csp/article/K35558453 | Third Party Advisory | |
| secure@intel.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us | Third Party Advisory | |
| secure@intel.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel | Third Party Advisory | |
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html | Vendor Advisory | |
| secure@intel.com | https://www.kb.cert.org/vuls/id/982149 | Third Party Advisory | |
| secure@intel.com | https://www.synology.com/support/security/Synology_SA_18_45 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.lenovo.com/us/en/solutions/LEN-24163 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105080 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041451 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://foreshadowattack.eu/ | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180815-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K35558453 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/982149 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.synology.com/support/security/Synology_SA_18_45 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | core_i3 | 6006u | |
| intel | core_i3 | 6098p | |
| intel | core_i3 | 6100 | |
| intel | core_i3 | 6100e | |
| intel | core_i3 | 6100h | |
| intel | core_i3 | 6100t | |
| intel | core_i3 | 6100te | |
| intel | core_i3 | 6100u | |
| intel | core_i3 | 6102e | |
| intel | core_i3 | 6157u | |
| intel | core_i3 | 6167u | |
| intel | core_i3 | 6300 | |
| intel | core_i3 | 6300t | |
| intel | core_i3 | 6320 | |
| intel | core_i5 | 650 | |
| intel | core_i5 | 655k | |
| intel | core_i5 | 660 | |
| intel | core_i5 | 661 | |
| intel | core_i5 | 670 | |
| intel | core_i5 | 680 | |
| intel | core_i5 | 6200u | |
| intel | core_i5 | 6260u | |
| intel | core_i5 | 6267u | |
| intel | core_i5 | 6287u | |
| intel | core_i5 | 6300hq | |
| intel | core_i5 | 6300u | |
| intel | core_i5 | 6350hq | |
| intel | core_i5 | 6360u | |
| intel | core_i5 | 6400 | |
| intel | core_i5 | 6400t | |
| intel | core_i5 | 6402p | |
| intel | core_i5 | 6440eq | |
| intel | core_i5 | 6440hq | |
| intel | core_i5 | 6442eq | |
| intel | core_i5 | 6500 | |
| intel | core_i5 | 6500t | |
| intel | core_i5 | 6500te | |
| intel | core_i5 | 6585r | |
| intel | core_i5 | 6600 | |
| intel | core_i5 | 6600k | |
| intel | core_i5 | 6600t | |
| intel | core_i5 | 6685r | |
| intel | core_i7 | 610e | |
| intel | core_i7 | 620le | |
| intel | core_i7 | 620lm | |
| intel | core_i7 | 620m | |
| intel | core_i7 | 620ue | |
| intel | core_i7 | 620um | |
| intel | core_i7 | 640lm | |
| intel | core_i7 | 640m | |
| intel | core_i7 | 640um | |
| intel | core_i7 | 660lm | |
| intel | core_i7 | 660ue | |
| intel | core_i7 | 660um | |
| intel | core_i7 | 680um | |
| intel | core_i5 | 750 | |
| intel | core_i5 | 750s | |
| intel | core_i5 | 760 | |
| intel | core_i7 | 7y75 | |
| intel | core_i7 | 720qm | |
| intel | core_i7 | 740qm | |
| intel | core_i7 | 7500u | |
| intel | core_i7 | 7560u | |
| intel | core_i7 | 7567u | |
| intel | core_i7 | 7600u | |
| intel | core_i7 | 7660u | |
| intel | core_i7 | 7700 | |
| intel | core_i7 | 7700hq | |
| intel | core_i7 | 7700k | |
| intel | core_i7 | 7700t | |
| intel | core_i7 | 7820eq | |
| intel | core_i7 | 7820hk | |
| intel | core_i7 | 7820hq | |
| intel | core_i7 | 7920hq | |
| intel | core_i3 | 8100 | |
| intel | core_i3 | 8350k | |
| intel | core_i5 | 8250u | |
| intel | core_i5 | 8350u | |
| intel | core_i5 | 8400 | |
| intel | core_i5 | 8600k | |
| intel | core_i7 | 820qm | |
| intel | core_i7 | 840qm | |
| intel | core_i7 | 860 | |
| intel | core_i7 | 860s | |
| intel | core_i7 | 870 | |
| intel | core_i7 | 870s | |
| intel | core_i7 | 875k | |
| intel | core_i7 | 880 | |
| intel | core_i7 | 8550u | |
| intel | core_i7 | 8650u | |
| intel | core_i7 | 8700 | |
| intel | core_i7 | 8700k | |
| intel | xeon_e3 | 1515m_v5 | |
| intel | xeon_e3 | 1535m_v5 | |
| intel | xeon_e3 | 1545m_v5 | |
| intel | xeon_e3 | 1558l_v5 | |
| intel | xeon_e3 | 1565l_v5 | |
| intel | xeon_e3 | 1575m_v5 | |
| intel | xeon_e3 | 1578l_v5 | |
| intel | xeon_e3 | 1585_v5 | |
| intel | xeon_e3 | 1585l_v5 | |
| intel | xeon_e3_1220_v5 | - | |
| intel | xeon_e3_1225_v5 | - | |
| intel | xeon_e3_1230_v5 | - | |
| intel | xeon_e3_1235l_v5 | - | |
| intel | xeon_e3_1240_v5 | - | |
| intel | xeon_e3_1240l_v5 | - | |
| intel | xeon_e3_1245_v5 | - | |
| intel | xeon_e3_1260l_v5 | - | |
| intel | xeon_e3_1268l_v5 | - | |
| intel | xeon_e3_1270_v5 | - | |
| intel | xeon_e3_1275_v5 | - | |
| intel | xeon_e3_1280_v5 | - | |
| intel | xeon_e3_1505l_v5 | - | |
| intel | xeon_e3_1505m_v5 | - | |
| intel | xeon_e3 | 1505m_v6 | |
| intel | xeon_e3 | 1535m_v6 | |
| intel | xeon_e3_1220_v6 | - | |
| intel | xeon_e3_1225_v6 | - | |
| intel | xeon_e3_1230_v6 | - | |
| intel | xeon_e3_1240_v6 | - | |
| intel | xeon_e3_1245_v6 | - | |
| intel | xeon_e3_1270_v6 | - | |
| intel | xeon_e3_1275_v6 | - | |
| intel | xeon_e3_1280_v6 | - | |
| intel | xeon_e3_1285_v6 | - | |
| intel | xeon_e3_1501l_v6 | - | |
| intel | xeon_e3_1501m_v6 | - | |
| intel | xeon_e3_1505l_v6 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC76F31-00A5-4719-AA50-92F773919B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*",
"matchCriteriaId": "49996F5A-51B2-4D4E-AE04-E98E093A76CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8406B0-D1E5-4633-B17E-53DC99FE7622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*",
"matchCriteriaId": "3D49435C-7C33-454B-9F43-9C10F28A28A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*",
"matchCriteriaId": "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*",
"matchCriteriaId": "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*",
"matchCriteriaId": "ED44A404-8548-4EDC-8928-4094D05A6A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AAD8F0-0D31-4806-8A88-A30E5BE43630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*",
"matchCriteriaId": "8164EE5F-6ABA-4365-8718-2F98C2E57A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*",
"matchCriteriaId": "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*",
"matchCriteriaId": "2A06696D-37F0-427D-BFC5-1606E7441C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB02172-B9A7-4801-88F2-98BF5843184A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*",
"matchCriteriaId": "5141380E-BD18-47C1-A84C-384BA821773D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE6C49E-2359-4E44-9979-7D34F8460E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*",
"matchCriteriaId": "C004B75F-37AF-4E61-98F3-1B09A7062DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*",
"matchCriteriaId": "F7126D19-C6D9-43CB-8809-647B1A20E7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC98503-A80A-4114-8BF2-E016659BE84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*",
"matchCriteriaId": "758A14DB-1BAF-442A-BA7C-5E9C67847BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*",
"matchCriteriaId": "61309100-CFA7-4607-A236-8910838AA057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*",
"matchCriteriaId": "82D76265-7BD0-4C51-AE77-22B22524DE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*",
"matchCriteriaId": "DE38B195-BB8D-4747-881D-E8033760B4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA8BE76-168D-48A3-8DF6-E91F44600408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*",
"matchCriteriaId": "3B656975-5D71-4712-9820-BDB7BC248AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*",
"matchCriteriaId": "FA045267-114D-4587-B6D7-E273C28DC9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*",
"matchCriteriaId": "77018415-E122-406E-896D-1BC6CF790BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*",
"matchCriteriaId": "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E1C012-3E05-44DB-B6D2-BFD619C034B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*",
"matchCriteriaId": "15D689D6-8594-42F2-8EEF-DCAEBA885A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*",
"matchCriteriaId": "A6446000-0494-4DC5-ABAA-F20A44546068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*",
"matchCriteriaId": "99B94EEC-6690-45D0-B086-F4A5B25C25CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*",
"matchCriteriaId": "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*",
"matchCriteriaId": "832AB3CD-E3A1-4CCB-A210-287973563D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*",
"matchCriteriaId": "99C4221A-9994-43B3-9C7A-E13815A50A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*",
"matchCriteriaId": "20070B1D-B91C-40BA-A9D8-E80170A2933F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*",
"matchCriteriaId": "A70129C9-371F-4542-A388-C095869E593A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A5EC79-1B21-4BB3-8791-73507BC8D4DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0387587-AAB6-4284-8516-4DA3E3582D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*",
"matchCriteriaId": "A238C975-9196-449F-9C15-ABB2E9FD1D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*",
"matchCriteriaId": "6F17F4A5-120B-4E00-97C8-8A85841ACBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*",
"matchCriteriaId": "2537F047-64C9-4E73-B82C-310253184183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A55857C-649D-46CE-AEDA-6E553E554FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA4892D-AFDF-4441-821E-5EBF7F64C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*",
"matchCriteriaId": "327E06A3-7F0E-4498-8811-10C8D15398FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*",
"matchCriteriaId": "1624E6D6-858E-4085-B0B9-362B819EFD88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*",
"matchCriteriaId": "50D61F4A-40F0-477C-8326-7359D3626E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*",
"matchCriteriaId": "1455B4DE-7F1C-4CF2-AE02-2EDD20025D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*",
"matchCriteriaId": "5B215788-860B-46CD-9A08-43AFF98FAEAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*",
"matchCriteriaId": "01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*",
"matchCriteriaId": "3821412D-B010-49C4-A7B4-6C5FB6C603B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*",
"matchCriteriaId": "A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EB132B-000C-4A17-AFB3-19F40A73D2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*",
"matchCriteriaId": "6158ED8A-007E-48B7-99BF-8BA03BF584BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA7096A-F321-49A0-911A-F9683ABE6E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*",
"matchCriteriaId": "6A471395-7F8F-4BA5-962D-4D8F271FAB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*",
"matchCriteriaId": "B9484380-92B9-44DB-8E20-DC8DE02D1CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*",
"matchCriteriaId": "8010808D-805D-4CA3-9EA2-55EB1E57964C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*",
"matchCriteriaId": "9716FE9F-A056-42A3-A241-F2FE37A6386A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*",
"matchCriteriaId": "7A96A5AF-C9EF-4DED-AE25-4540A2B02915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*",
"matchCriteriaId": "D5115B12-053A-4866-A833-D6EC88D8F93E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*",
"matchCriteriaId": "C5619D4D-9685-4595-8A5F-A18273FE4213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*",
"matchCriteriaId": "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3457E-7E1A-4878-9752-79382E954A66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*",
"matchCriteriaId": "68630C63-4457-4E12-B7BD-AD456B237FC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*",
"matchCriteriaId": "68A76015-0A05-4EC7-B136-DC13B55D881F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*",
"matchCriteriaId": "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4DE25F-168A-4C67-8B66-09F61F072BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*",
"matchCriteriaId": "58157F24-D89E-4552-8CE6-2F01E98BD1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*",
"matchCriteriaId": "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4815AE-B635-4545-83C2-5EC4E0128337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C0046C06-E3E6-4674-A4D1-332DD29D9552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*",
"matchCriteriaId": "2C191851-3DC3-41C7-AD89-81F091CCC83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*",
"matchCriteriaId": "21126922-8E81-47F4-82D4-CBCDDACEC4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*",
"matchCriteriaId": "209E18B0-BBB5-4C65-B336-44340F7740DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*",
"matchCriteriaId": "C867C0B8-91A4-482A-B7DD-54AB9599AE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*",
"matchCriteriaId": "30F03843-8A51-4CE1-BE6C-994BDE3A8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*",
"matchCriteriaId": "09854948-2657-4261-A32A-0523058F072E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FB5695-2950-4CEC-81B4-FD280F835330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*",
"matchCriteriaId": "9F340AF8-508F-449D-9AFA-4E55F069B4F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*",
"matchCriteriaId": "E944410E-D674-4141-B50C-9F55090325FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*",
"matchCriteriaId": "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "687C3BF3-D71A-49AD-8A05-EAC07CBCD949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "90AF90D9-16C4-4F8A-9868-3E2823E3445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "64596ED7-794A-4D23-987B-D9AD59D48EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDA48F0-0F35-4A8F-8117-B0B28E00AB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "A561A8E8-79E2-4071-B57D-590C22EF86A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "92E46658-60AB-4758-9236-3AC0E6464383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "207B8FBA-E2FF-485A-9AD9-E604AE0FB903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
"matchCriteriaId": "33F99640-C753-40BE-A0A1-4C2D92E7DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF7EC93-0170-45A9-86C7-5460320B2AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9FF7FB-AB5A-4549-8C15-E69458C649E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A79C2131-5566-4CC2-B6ED-38E3F6964500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "605D7552-8184-4B11-96FD-FE501A6C97DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7165B43-ED22-4714-8FA4-1E201D1BFA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13878C13-1C7C-4B83-AF27-4998E8F659DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C48BBAF-6B27-43D6-B86B-40CD8E7BA056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04DB08C8-0018-4A8E-A206-097BDDF83B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1BD2B6-1AF6-4AD4-94FA-94B453A21908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E96F585E-BDEF-45EE-B0AB-94FE23753AC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
"matchCriteriaId": "44AA72FB-E78D-419E-AA82-B0538C6504D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C063C53-8970-45B1-85F8-FB2080BF4695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEF6608-B650-4C77-9823-0AD57B3484F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3144BBDE-CC96-4408-AA02-ECC3BF902A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75AD7649-3FEA-4971-9886-6C9312B937A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C07E80D5-70A5-49C9-9044-D683C7ECCFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D75D0EEB-707C-4C86-A569-E91E9F00BA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7193E85-30BE-42D5-A26B-3F88817F3574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A371DF9-E224-404F-99C2-C2A4607E62D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6215EBAC-7C75-4647-9970-482120897F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1FD6E8-80EC-461F-9ED1-CE5912399E80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
},
{
"lang": "es",
"value": "Los sistemas con microprocesadores que emplean ejecuci\u00f3n especulativa y extensiones Intel software guard (Intel SGX) podr\u00eda permitir la fuga no autorizada de informaci\u00f3n que reside en la cach\u00e9 de datos L1 desde un enclave a un atacante con acceso de usuario local mediante un an\u00e1lisis de canal lateral."
}
],
"id": "CVE-2018-3615",
"lastModified": "2024-11-21T04:05:46.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-14T19:29:00.670",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"source": "secure@intel.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"source": "secure@intel.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"source": "secure@intel.com",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://foreshadowattack.eu/"
},
{
"source": "secure@intel.com",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"source": "secure@intel.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://foreshadowattack.eu/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K35558453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_45"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2019-AVI-489
Vulnerability from certfr_avis - Published: 2019-10-08 - Updated: 2019-10-08
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC PROFINET Driver versions antérieures à V2.1 | ||
| Siemens | N/A | SINAMICS G120 V4.7 (PN Control Unit) versions antérieures à V4.7 SP10 HF5 | ||
| Siemens | N/A | SIMATIC CFU PA versions antérieures à V1.2.0 | ||
| Siemens | N/A | SINAMICS S120 V4.7 (Control Unit et CBE20) versions antérieures à V4.7 HF34 ou V5.2 HF2 | ||
| Siemens | N/A | SINAMICS GH150 V4.7 (Control Unit) versions antérieures à V4.8 SP2 HF9 | ||
| Siemens | N/A | SIMATIC ET 200SP IM 155-6 PN/2 HF versions antérieures à V4.2.2 | ||
| Siemens | N/A | SINAMICS G120 V4.7 (Control Unit) versions antérieures à V4.7 SP10 HF5 | ||
| Siemens | N/A | SIMATIC ET 200SP IM 155-6 PN/3 HF versions antérieures à V4.2.1 | ||
| Siemens | N/A | SCALANCE X-200IRT versions antérieures à V5.4.2 | ||
| Siemens | N/A | SINAMICS G130 V4.7 (Control Unit) versions antérieures à V4.7 HF29 ou V5.2 HF2 | ||
| Siemens | N/A | Development/Evaluation Kits for PROFINET IO:DK Standard Ethernet Controller versions antérieures à V4.1.1 Patch 05 | ||
| Siemens | N/A | Development/Evaluation Kits for PROFINET IO:EK-ERTEC 200P versions antérieures à V4.5.0 | ||
| Siemens | N/A | SINAMICS GL150 V4.7 (Control Unit) versions antérieures à V4.8 SP2 HF9 | ||
| Siemens | N/A | CP1616 versions antérieures à V2.8 | ||
| Siemens | N/A | SINAMICS G110M V4.7 (Control Unit) versions antérieures à V4.7 SP10 HF5 | ||
| Siemens | N/A | SIMATIC ET 200MP IM 155-5 PN BA versions antérieures à V4.2.3 | ||
| Siemens | N/A | SINAMICS G110M V4.7 (PN Control Unit) versions antérieures à V4.7 SP10 HF5 | ||
| Siemens | N/A | SINAMICS DCM versions antérieures à V1.5 HF1 | ||
| Siemens | N/A | SINAMICS GM150 V4.7 (Control Unit) versions antérieures à V4.8 SP2 HF9 | ||
| Siemens | N/A | SIMATIC IT UADM versions antérieures à V1.3 | ||
| Siemens | N/A | Development/Evaluation Kits for PROFINET IO:EK-ERTEC 200 versions antérieures à V4.5.0 Patch 01 | ||
| Siemens | N/A | SIMATIC S7-400H V6 versions antérieures à V6.0.9 | ||
| Siemens | N/A | SIMATIC WinAC RTX (F) 2010 versions antérieures à SIMATIC WinAC RTX 2010 SP3 avec les mises à jour BIOS et Windows | ||
| Siemens | N/A | SIMATIC ET 200SP IM 155-6 PN HF versions antérieures à V4.2.2 | ||
| Siemens | N/A | CP1604 versions antérieures à V2.8 | ||
| Siemens | N/A | SINUMERIK 828D versions antérieures à V4.8 SP5 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC PROFINET Driver versions ant\u00e9rieures \u00e0 V2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G120 V4.7 (PN Control Unit) versions ant\u00e9rieures \u00e0 V4.7 SP10 HF5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU PA versions ant\u00e9rieures \u00e0 V1.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V4.7 (Control Unit et CBE20) versions ant\u00e9rieures \u00e0 V4.7 HF34 ou V5.2 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS GH150 V4.7 (Control Unit) versions ant\u00e9rieures \u00e0 V4.8 SP2 HF9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN/2 HF versions ant\u00e9rieures \u00e0 V4.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G120 V4.7 (Control Unit) versions ant\u00e9rieures \u00e0 V4.7 SP10 HF5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN/3 HF versions ant\u00e9rieures \u00e0 V4.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X-200IRT versions ant\u00e9rieures \u00e0 V5.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V4.7 (Control Unit) versions ant\u00e9rieures \u00e0 V4.7 HF29 ou V5.2 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Development/Evaluation Kits for PROFINET IO:DK Standard Ethernet Controller versions ant\u00e9rieures \u00e0 V4.1.1 Patch 05",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Development/Evaluation Kits for PROFINET IO:EK-ERTEC 200P versions ant\u00e9rieures \u00e0 V4.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS GL150 V4.7 (Control Unit) versions ant\u00e9rieures \u00e0 V4.8 SP2 HF9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CP1616 versions ant\u00e9rieures \u00e0 V2.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G110M V4.7 (Control Unit) versions ant\u00e9rieures \u00e0 V4.7 SP10 HF5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200MP IM 155-5 PN BA versions ant\u00e9rieures \u00e0 V4.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G110M V4.7 (PN Control Unit) versions ant\u00e9rieures \u00e0 V4.7 SP10 HF5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS DCM versions ant\u00e9rieures \u00e0 V1.5 HF1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS GM150 V4.7 (Control Unit) versions ant\u00e9rieures \u00e0 V4.8 SP2 HF9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IT UADM versions ant\u00e9rieures \u00e0 V1.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Development/Evaluation Kits for PROFINET IO:EK-ERTEC 200 versions ant\u00e9rieures \u00e0 V4.5.0 Patch 01",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400H V6 versions ant\u00e9rieures \u00e0 V6.0.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinAC RTX (F) 2010 versions ant\u00e9rieures \u00e0 SIMATIC WinAC RTX 2010 SP3 avec les mises \u00e0 jour BIOS et Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN HF versions ant\u00e9rieures \u00e0 V4.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CP1604 versions ant\u00e9rieures \u00e0 V2.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 828D versions ant\u00e9rieures \u00e0 V4.8 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2019-10936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10936"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2019-10923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10923"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2019-13929",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13929"
},
{
"name": "CVE-2019-13921",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13921"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3640"
},
{
"name": "CVE-2018-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3615"
}
],
"initial_release_date": "2019-10-08T00:00:00",
"last_revision_date": "2019-10-08T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-489",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-10-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service\n\u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-608355 du 08 octobre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-349422 du 08 octobre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-878278 du 08 octobre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-878278.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-473245 du 08 octobre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-984700 du 08 octobre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-984700.pdf"
}
]
}
CERTFR-2018-AVI-387
Vulnerability from certfr_avis - Published: 2018-08-16 - Updated: 2018-08-16
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Processeurs Intel Core i3 (45nm et 32nm)
- Processeurs Intel Core i5 (45nm et 32nm)
- Processeurs Intel Core i7 (45nm et 32nm)
- Processeurs de la famille Intel Core M (45nm et 32nm)
- Processeurs Intel Core de seconde génération
- Processeurs Intel Core de troisième génération
- Processeurs Intel Core de quatrième génération
- Processeurs Intel Core de cinquième génération
- Processeurs Intel Core de sixième génération
- Processeurs Intel Core de septième génération
- Processeurs Intel Core de huitième génération
- Processeurs de la famille Intel Core X-series pour plateforme Intel X99
- Processeurs de la famille Intel Core X-series pour plateforme Intel X299
- Processeurs Intel Xeon séries 3400, 3600, 5500, 5600, 6500 et 7500
- Processeurs Intel Xeon familles E3, E3 v2, E3 v3, E3 v4, E3 v5, E3 v6
- Processeurs Intel Xeon familles E5, E5 v2, E5 v3, E5 v4
- Processeurs Intel Xeon familles E7, E7 v2, E7 v3, E7 v4
- Processeurs de la famille Intel Xeon Scalable
- Processeurs Intel Xeon famille D (1500, 2100)
Pour une liste complète et mise à jour des systèmes impactés, le CERT-FR recommande de se référer au bulletin de sécurité de l'éditeur (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eProcesseurs Intel Core i3 (45nm et 32nm)\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core i5 (45nm et 32nm)\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core i7 (45nm et 32nm)\u003c/li\u003e \u003cli\u003eProcesseurs de la famille Intel Core M (45nm et 32nm)\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de seconde g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de troisi\u00e8me g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de quatri\u00e8me g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de cinqui\u00e8me g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de sixi\u00e8me g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de septi\u00e8me g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core de huiti\u00e8me g\u00e9n\u00e9ration\u003c/li\u003e \u003cli\u003eProcesseurs de la famille Intel Core X-series pour plateforme Intel X99\u003c/li\u003e \u003cli\u003eProcesseurs de la famille Intel Core X-series pour plateforme Intel X299\u003c/li\u003e \u003cli\u003eProcesseurs Intel Xeon s\u00e9ries 3400, 3600, 5500, 5600, 6500 et 7500\u003c/li\u003e \u003cli\u003eProcesseurs Intel Xeon familles E3, E3 v2, E3 v3, E3 v4, E3 v5, E3 v6\u003c/li\u003e \u003cli\u003eProcesseurs Intel Xeon familles E5, E5 v2, E5 v3, E5 v4\u003c/li\u003e \u003cli\u003eProcesseurs Intel Xeon familles E7, E7 v2, E7 v3, E7 v4\u003c/li\u003e \u003cli\u003eProcesseurs de la famille Intel Xeon Scalable\u003c/li\u003e \u003cli\u003eProcesseurs Intel Xeon famille D (1500, 2100)\u003c/li\u003e \u003c/ul\u003e \u003cp\u003ePour une liste compl\u00e8te et mise \u00e0 jour des syst\u00e8mes impact\u00e9s, le CERT-FR recommande de se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur (cf. section Documentation).\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3615"
}
],
"initial_release_date": "2018-08-16T00:00:00",
"last_revision_date": "2018-08-16T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-387",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00161 du 14 ao\u00fbt 2018",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
}
]
}
CERTFR-2018-AVI-476
Vulnerability from certfr_avis - Published: 2018-10-09 - Updated: 2018-10-09
De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC IPC627C toutes versions | ||
| Siemens | N/A | SIMATIC IPC847C toutes versions | ||
| Siemens | N/A | SIMATIC IPC227E toutes versions | ||
| Siemens | N/A | SIMATIC ITP1000 toutes versions | ||
| Siemens | N/A | SINUMERIK Panels wtih integrated TCU toutes versions | ||
| Siemens | N/A | SIMATIC S7-1200 CPU versions antérieures à 4.2.3 exclue | ||
| Siemens | N/A | SIMATIC IPC427D versions de BIOS antérieures à 17.0x.14 exclue | ||
| Siemens | N/A | SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller versions comprises entre à 2.0 inclue et 2.5 exclue | ||
| Siemens | N/A | SIMATIC ET 200 SP Open Controller toutes versions | ||
| Siemens | N/A | SIMATIC Field PG M5 versions de BIOS antérieures à 22.01.06 exclue | ||
| Siemens | N/A | SIMATIC IPC477D versions de BIOS antérieures à 17.0x.14 exclue | ||
| Siemens | N/A | SIMATIC IPC827D toutes versions | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller versions supérieures à 2.0 inclue | ||
| Siemens | N/A | SCALANCE W1750D versions antérieures à 8.3.0.1 exclue | ||
| Siemens | N/A | SIMATIC IPC477E Pro versions de BIOS antérieures à 21.01.09 exclue | ||
| Siemens | N/A | SIMATIC ET 200 SP Open Controller (F) toutes versions | ||
| Siemens | N/A | SINUMERIK 840 D sl (NCU720.3B, NCU730.3B, NCU720.3, NCU730.3) toutes versions | ||
| Siemens | N/A | SIMATIC IPC427E versions de BIOS antérieures à 21.01.09 exclue | ||
| Siemens | N/A | SIMATIC S7-1500 (incl. F) versions comprises entre 2.0 inclus et 2.5 exclue | ||
| Siemens | N/A | SIMATIC IPC3000 SMART V2 toutes versions | ||
| Siemens | N/A | SIMATIC IPC277E toutes versions | ||
| Siemens | N/A | SIMATIC IPC347E toutes versions | ||
| Siemens | N/A | RUGGEDCOM RX1400 VPE toutes versions | ||
| Siemens | N/A | SIMATIC IPC647C toutes versions | ||
| Siemens | N/A | SIMATIC IPC647D toutes versions | ||
| Siemens | N/A | SIMATIC IPC627D toutes versions | ||
| Siemens | N/A | SIMOTION P320-4S toutes versions | ||
| Siemens | N/A | SIMATIC IPC827C toutes versions | ||
| Siemens | N/A | SIMOTION P320-4E toutes versions | ||
| Siemens | N/A | SIMATIC IPC547E toutes versions | ||
| Siemens | N/A | SIMATIC IPC677D toutes versions | ||
| Siemens | N/A | SINUMERIK PCU 50.5 toutes versions | ||
| Siemens | N/A | SIMATIC IPC477E versions de BIOS antérieures à 21.01.09 exclue | ||
| Siemens | N/A | SIMATIC IPC327E toutes versions | ||
| Siemens | N/A | SIMATIC IPC677C toutes versions | ||
| Siemens | N/A | SINUMERIK TCU 30.3 toutes versions | ||
| Siemens | N/A | SIMATIC IPC547G toutes versions | ||
| Siemens | N/A | SIMATIC Field PG M4 versions de BIOS antérieures à 18.01.09 exclue | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller toutes versions | ||
| Siemens | N/A | ROX II versions antérieures à 2.12.1 exclue | ||
| Siemens | N/A | SIMATIC IPC477C toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0) toutes versions | ||
| Siemens | N/A | SIMATIC IPC377E toutes versions | ||
| Siemens | N/A | SIMATIC IPC847D toutes versions | ||
| Siemens | N/A | SIMATIC IPC427C toutes versions | ||
| Siemens | N/A | RUGGEDCOM APE toutes versions |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC IPC627C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC227E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ITP1000 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Panels wtih integrated TCU toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU versions ant\u00e9rieures \u00e0 4.2.3 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427D versions de BIOS ant\u00e9rieures \u00e0 17.0x.14 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller versions comprises entre \u00e0 2.0 inclue et 2.5 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 SP Open Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M5 versions de BIOS ant\u00e9rieures \u00e0 22.01.06 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477D versions de BIOS ant\u00e9rieures \u00e0 17.0x.14 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC827D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller versions sup\u00e9rieures \u00e0 2.0 inclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 8.3.0.1 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E Pro versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 SP Open Controller (F) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 840 D sl (NCU720.3B, NCU730.3B, NCU720.3, NCU730.3) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427E versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 (incl. F) versions comprises entre 2.0 inclus et 2.5 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC3000 SMART V2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC277E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC347E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RX1400 VPE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC647C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC647D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC627D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOTION P320-4S toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC827C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOTION P320-4E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC547E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC677D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK PCU 50.5 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC327E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC677C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK TCU 30.3 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC547G toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M4 versions de BIOS ant\u00e9rieures \u00e0 18.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "ROX II versions ant\u00e9rieures \u00e0 2.12.1 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC377E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
},
{
"name": "CVE-2018-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13800"
},
{
"name": "CVE-2018-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13805"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2018-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13801"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3615"
}
],
"initial_release_date": "2018-10-09T00:00:00",
"last_revision_date": "2018-10-09T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-476",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-507847 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-507847.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-254686 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-347726 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-493830 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-464260 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…