Vulnerabilites related to intel - client_nvme
Vulnerability from fkie_nvd
Published
2018-10-10 14:29
Modified
2024-11-21 03:44
Severity ?
Summary
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | client_nvme | * | |
| intel | datacenter_nvme | * | |
| intel | rapid_storage_technology | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:client_nvme:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB3CF20-F45D-471F-9DF8-C6FB0B051642",
"versionEndExcluding": "4.0.0.1007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:datacenter_nvme:*:*:*:*:*:*:*:*",
"matchCriteriaId": "135D93DD-A025-466F-863A-E0F84F317E12",
"versionEndIncluding": "4.0.0.1006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:rapid_storage_technology:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F74F164C-EB46-417C-BAAA-084C294F2839",
"versionEndExcluding": "4.7.0.2083",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access."
},
{
"lang": "es",
"value": "Los permisos en los instaladores de paquetes de controladores para Intel NVMe en versiones anteriores a la 4.0.0.1007 e Intel RSTe en versiones anteriores a la 4.7.0.2083 podr\u00eda permitir que un usuario autenticado pueda escalar privilegios mediante acceso local."
}
],
"id": "CVE-2018-12131",
"lastModified": "2024-11-21T03:44:39.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-10T14:29:00.277",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-12131 (GCVE-0-2018-12131)
Vulnerability from cvelistv5
Published
2018-10-10 14:00
Modified
2024-09-17 02:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Escalation of Privilege
Summary
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel NVMe and Intel RSTe |
Version: Various |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:57.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel NVMe and Intel RSTe",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T13:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-10-09T00:00:00",
"ID": "CVE-2018-12131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel NVMe and Intel RSTe",
"version": {
"version_data": [
{
"version_value": "Various"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-12131",
"datePublished": "2018-10-10T14:00:00Z",
"dateReserved": "2018-06-11T00:00:00",
"dateUpdated": "2024-09-17T02:01:32.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}