cvelistv5 - cve-2018-3615

CVE-2018-3615 (GCVE-0-2018-3615)

Vulnerability from cvelistv5

Published

2018-08-14 19:00

Modified

2024-09-16 19:40

Severity ?

CWE

Information Disclosure

Summary

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

References

►

URL

Tags

secure@intel.com	http://support.lenovo.com/us/en/solutions/LEN-24163	Third Party Advisory
secure@intel.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en	Third Party Advisory
secure@intel.com	http://www.securityfocus.com/bid/105080	Third Party Advisory, VDB Entry
secure@intel.com	http://www.securitytracker.com/id/1041451	Third Party Advisory, VDB Entry
secure@intel.com	https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
secure@intel.com	https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
secure@intel.com	https://foreshadowattack.eu/	Technical Description, Third Party Advisory
secure@intel.com	https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
secure@intel.com	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008	Third Party Advisory
secure@intel.com	https://security.netapp.com/advisory/ntap-20180815-0001/	Third Party Advisory
secure@intel.com	https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault	Mitigation, Vendor Advisory
secure@intel.com	https://support.f5.com/csp/article/K35558453	Third Party Advisory
secure@intel.com	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us	Third Party Advisory
secure@intel.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel	Third Party Advisory
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html	Vendor Advisory
secure@intel.com	https://www.kb.cert.org/vuls/id/982149	Third Party Advisory
secure@intel.com	https://www.synology.com/support/security/Synology_SA_18_45	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.lenovo.com/us/en/solutions/LEN-24163	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105080	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041451	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
af854a3a-2127-422b-91ae-364da2661108	https://foreshadowattack.eu/	Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
af854a3a-2127-422b-91ae-364da2661108	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20180815-0001/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K35558453	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/982149	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.synology.com/support/security/Synology_SA_18_45	Third Party Advisory

Impacted products

	Vendor	Product	Version
	Intel Corporation	Multiple	Version: Multiple

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.411Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#982149",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/982149"
          },
          {
            "name": "1041451",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041451"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
          },
          {
            "name": "105080",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105080"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://foreshadowattack.eu/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
          },
          {
            "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K35558453"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_45"
          },
          {
            "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple"
            }
          ]
        }
      ],
      "datePublic": "2018-08-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-08T12:06:06",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "VU#982149",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/982149"
        },
        {
          "name": "1041451",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041451"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
        },
        {
          "name": "105080",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105080"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://foreshadowattack.eu/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
        },
        {
          "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K35558453"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_45"
        },
        {
          "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-08-14T00:00:00",
          "ID": "CVE-2018-3615",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Multiple",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#982149",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/982149"
            },
            {
              "name": "1041451",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041451"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
            },
            {
              "name": "105080",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105080"
            },
            {
              "name": "https://foreshadowattack.eu/",
              "refsource": "MISC",
              "url": "https://foreshadowattack.eu/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
            },
            {
              "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
            },
            {
              "name": "https://support.f5.com/csp/article/K35558453",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K35558453"
            },
            {
              "name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
              "refsource": "CONFIRM",
              "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_45",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_45"
            },
            {
              "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
            },
            {
              "name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
              "refsource": "CONFIRM",
              "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3615",
    "datePublished": "2018-08-14T19:00:00Z",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-09-16T19:40:45.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-3615\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2018-08-14T19:29:00.670\",\"lastModified\":\"2024-11-21T04:05:46.490\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.\"},{\"lang\":\"es\",\"value\":\"Los sistemas con microprocesadores que emplean ejecuci\u00f3n especulativa y extensiones Intel software guard (Intel SGX) podr\u00eda permitir la fuga no autorizada de informaci\u00f3n que reside en la cach\u00e9 de datos L1 desde un enclave a un atacante con acceso de usuario local mediante un an\u00e1lisis de canal lateral.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.1,\"impactScore\":4.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:P/A:N\",\"baseScore\":5.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":7.8,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B859F7-0373-4ADD-92B3-0FAB42FCF23C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAC76F31-00A5-4719-AA50-92F773919B3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49996F5A-51B2-4D4E-AE04-E98E093A76CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F8406B0-D1E5-4633-B17E-53DC99FE7622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D49435C-7C33-454B-9F43-9C10F28A28A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D17E1A0F-1150-4899-81BC-BE84E4EF5FA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EADD98AE-BAB0-440D-AB9F-2D76BE5109E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED44A404-8548-4EDC-8928-4094D05A6A38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2AAD8F0-0D31-4806-8A88-A30E5BE43630\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8164EE5F-6ABA-4365-8718-2F98C2E57A0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7110AF9-A407-4EE2-9C46-E5F1E3638E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A06696D-37F0-427D-BFC5-1606E7441C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB02172-B9A7-4801-88F2-98BF5843184A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5141380E-BD18-47C1-A84C-384BA821773D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AE6C49E-2359-4E44-9979-7D34F8460E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C004B75F-37AF-4E61-98F3-1B09A7062DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7126D19-C6D9-43CB-8809-647B1A20E7DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CC98503-A80A-4114-8BF2-E016659BE84E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC246FE-4CA6-4B2D-83C3-D50A386C24A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"758A14DB-1BAF-442A-BA7C-5E9C67847BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61309100-CFA7-4607-A236-8910838AA057\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82D76265-7BD0-4C51-AE77-22B22524DE81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE38B195-BB8D-4747-881D-E8033760B4C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AA8BE76-168D-48A3-8DF6-E91F44600408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B656975-5D71-4712-9820-BDB7BC248AFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA045267-114D-4587-B6D7-E273C28DC9B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77018415-E122-406E-896D-1BC6CF790BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4E1C012-3E05-44DB-B6D2-BFD619C034B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15D689D6-8594-42F2-8EEF-DCAEBA885A67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6446000-0494-4DC5-ABAA-F20A44546068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B94EEC-6690-45D0-B086-F4A5B25C25CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"832AB3CD-E3A1-4CCB-A210-287973563D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A26C0CC-68AD-40F5-96B8-87E6C643F6F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99C4221A-9994-43B3-9C7A-E13815A50A10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20070B1D-B91C-40BA-A9D8-E80170A2933F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A70129C9-371F-4542-A388-C095869E593A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6A5EC79-1B21-4BB3-8791-73507BC8D4DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0387587-AAB6-4284-8516-4DA3E3582D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A238C975-9196-449F-9C15-ABB2E9FD1D06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F17F4A5-120B-4E00-97C8-8A85841ACBC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2537F047-64C9-4E73-B82C-310253184183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A55857C-649D-46CE-AEDA-6E553E554FC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BA4892D-AFDF-4441-821E-5EBF7F64C9F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"327E06A3-7F0E-4498-8811-10C8D15398FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1624E6D6-858E-4085-B0B9-362B819EFD88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D61F4A-40F0-477C-8326-7359D3626E77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1455B4DE-7F1C-4CF2-AE02-2EDD20025D62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B215788-860B-46CD-9A08-43AFF98FAEAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3821412D-B010-49C4-A7B4-6C5FB6C603B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4EB132B-000C-4A17-AFB3-19F40A73D2CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6158ED8A-007E-48B7-99BF-8BA03BF584BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBA7096A-F321-49A0-911A-F9683ABE6E6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A471395-7F8F-4BA5-962D-4D8F271FAB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9484380-92B9-44DB-8E20-DC8DE02D1CA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8010808D-805D-4CA3-9EA2-55EB1E57964C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9716FE9F-A056-42A3-A241-F2FE37A6386A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73422A3-ECA0-4C41-9AA5-CF7D77885CF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A96A5AF-C9EF-4DED-AE25-4540A2B02915\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5115B12-053A-4866-A833-D6EC88D8F93E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5619D4D-9685-4595-8A5F-A18273FE4213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77E00E7-0EA4-4E32-A693-0E0F66BA4C57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAA3457E-7E1A-4878-9752-79382E954A66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68630C63-4457-4E12-B7BD-AD456B237FC5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68A76015-0A05-4EC7-B136-DC13B55D881F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C4DE25F-168A-4C67-8B66-09F61F072BD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58157F24-D89E-4552-8CE6-2F01E98BD1E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45ACBBEA-EC95-4F3E-B585-893DB6D21A0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4815AE-B635-4545-83C2-5EC4E0128337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0046C06-E3E6-4674-A4D1-332DD29D9552\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C191851-3DC3-41C7-AD89-81F091CCC83A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21126922-8E81-47F4-82D4-CBCDDACEC4FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"209E18B0-BBB5-4C65-B336-44340F7740DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C867C0B8-91A4-482A-B7DD-54AB9599AE52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30F03843-8A51-4CE1-BE6C-994BDE3A8F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09854948-2657-4261-A32A-0523058F072E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FB5695-2950-4CEC-81B4-FD280F835330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F340AF8-508F-449D-9AFA-4E55F069B4F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E944410E-D674-4141-B50C-9F55090325FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6438E07-0AC0-4BF9-B0F2-9072CA9639D6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"687C3BF3-D71A-49AD-8A05-EAC07CBCD949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90AF90D9-16C4-4F8A-9868-3E2823E3445C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64596ED7-794A-4D23-987B-D9AD59D48EA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FDA48F0-0F35-4A8F-8117-B0B28E00AB95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A561A8E8-79E2-4071-B57D-590C22EF86A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E46658-60AB-4758-9236-3AC0E6464383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"207B8FBA-E2FF-485A-9AD9-E604AE0FB903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F99640-C753-40BE-A0A1-4C2D92E7DB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF7EC93-0170-45A9-86C7-5460320B2AE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B9FF7FB-AB5A-4549-8C15-E69458C649E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBAAC728-6A0F-4675-9677-AAF7DD5D38ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79C2131-5566-4CC2-B6ED-38E3F6964500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"605D7552-8184-4B11-96FD-FE501A6C97DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7165B43-ED22-4714-8FA4-1E201D1BFA69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13878C13-1C7C-4B83-AF27-4998E8F659DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C48BBAF-6B27-43D6-B86B-40CD8E7BA056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04DB08C8-0018-4A8E-A206-097BDDF83B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B1BD2B6-1AF6-4AD4-94FA-94B453A21908\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E96F585E-BDEF-45EE-B0AB-94FE23753AC5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44AA72FB-E78D-419E-AA82-B0538C6504D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C063C53-8970-45B1-85F8-FB2080BF4695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8A7B1C2-D2CE-485A-9376-27E14F3FA05A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CEF6608-B650-4C77-9823-0AD57B3484F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3144BBDE-CC96-4408-AA02-ECC3BF902A34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75AD7649-3FEA-4971-9886-6C9312B937A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C07E80D5-70A5-49C9-9044-D683C7ECCFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D75D0EEB-707C-4C86-A569-E91E9F00BA77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7193E85-30BE-42D5-A26B-3F88817F3574\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A371DF9-E224-404F-99C2-C2A4607E62D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6215EBAC-7C75-4647-9970-482120897F1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D1FD6E8-80EC-461F-9ED1-CE5912399E80\"}]}]}],\"references\":[{\"url\":\"http://support.lenovo.com/us/en/solutions/LEN-24163\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105080\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041451\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\",\"source\":\"secure@intel.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\",\"source\":\"secure@intel.com\"},{\"url\":\"https://foreshadowattack.eu/\",\"source\":\"secure@intel.com\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180815-0001/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\",\"source\":\"secure@intel.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K35558453\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/982149\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_45\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.lenovo.com/us/en/solutions/LEN-24163\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://foreshadowattack.eu/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180815-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K35558453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/982149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_45\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

cisco-sa-20180814-cpusidechannel

Vulnerability from csaf_cisco

Published

2018-08-14 17:00

Modified

2018-08-31 20:37

Summary

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

Notes

Summary

5On August 14th, 2018, three vulnerabilities were disclosed by Intel and security researchers that leverage a speculative execution side-channel method referred to as L1 Terminal Fault (L1TF) that affects modern Intel microprocessors. These vulnerabilities could allow an unprivileged, local attacker, in specific circumstances, to read privileged memory belonging to other processes. The first vulnerability, CVE-2018-3615, affects Intel SGX technology and is referred to by the researchers who discovered it as foreshadow. This vulnerability is not known to affect any Cisco devices as the Cisco devices do not utilize Intel SGX technology. The second vulnerability, CVE-2018-3620, and the third vulnerability, CVE-2018-3646, are referred to as L1 Terminal Fault attacks by Intel. These two vulnerabilities affect multi-core processors that leverage Intel Hyper-Threading technology supporting Operating System, System Management Mode, and Virtualized workloads. Like the previously disclosed Spectre vulnerabilities, all three new vulnerabilities leverage cache-timing attacks to infer any disclosed data. To exploit any of these vulnerabilities, an attacker must be able to run crafted or script code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector from which to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor. A Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as the operating system or hypervisor, is patched against the vulnerabilities in question. Although Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. See the Affected Products ["#ap"] section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services. Cisco will release software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"]

Affected Products

Any product or service not listed in the Vulnerable Products ["#vp"] section of this advisory is to be considered not vulnerable. The criteria for considering whether a product is vulnerable is explained in the Summary ["#sum"] section of this advisory. Because this is an ongoing investigation, please be aware that products and services currently considered not vulnerable may subsequently be considered vulnerable as additional information becomes available. Products Under Investigation The following products are under active investigation to determine whether they are affected by the vulnerability that is described in this advisory: Network Application, Service, and Acceleration Cisco Virtual Wide Area Application Services (vWAAS) Cisco Wide Area Application Services (WAAS) Express Cisco Wide Area Application Services (WAAS) Software Network and Content Security Devices Cisco FireSIGHT System Routing and Switching - Enterprise and Service Provider Cisco ASR 9000 XR 64-bit Series Routers Cisco Industrial Ethernet 4000 Series Switches (IOx feature) Cisco NCS 1000 Series Routers Cisco NCS 5000 Series Routers Cisco NCS 5500 Series Routers Cisco XRv 9000 Series Routers

Vulnerable Products

Product Cisco Bug ID Fixed Release Availability Network Application, Service, and Acceleration Cisco Cloud Services Platform 2100 CSCvm02914 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02914"] Routing and Switching - Enterprise and Service Provider Cisco 4000 Series Integrated Services Routers (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco ASR 1000 Series Aggregation Services Router with RP2 or RP3 (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco ASR 1001-HX Series Aggregation Services Routers (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco ASR 1001-X Series Aggregation Services Routers (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco ASR 1002-HX Series Aggregation Services Routers (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco ASR 1002-X Series Aggregation Services Routers (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco Cloud Services Router 1000V Series (IOS XE Open Service Containers) CSCvm02977 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"] Cisco Nexus 3000 Series Switches CSCvm02926 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02926"] Cisco Nexus 3500 Series Switches CSCvm02929 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02929"] Cisco Nexus 5000 Series Switches CSCvm02930 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02930"] Cisco Nexus 7000 Series Switches CSCvm02924 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02924"] Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode CSCvm02926 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02926"] Unified Computing Cisco C880 M4 Server CSCvm02911 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02911"] Cisco C880 M5 Server CSCvm02911 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02911"] Cisco Enterprise NFV Infrastructure Software (NFVIS) CSCvm02987 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02987"] Cisco HyperFlex System CSCvm02920 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02920"] Cisco UCS B-Series M2 Blade Servers CSCvm02934 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02934"] Cisco UCS B-Series M2 Blade Servers - Managed UCS Manager 2.2(8l) - (Available) UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M2 Rack Servers - Managed UCS Manager 2.2(8l) - (Available) Cisco IMC 1.4(3z09)(Available) Cisco IMC 1.5(9f)(Available) Cisco UCS B-Series M3 Blade Servers - Managed CSCvm03356 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03356"] Cisco UCS B-Series M3 Blade Servers - Managed UCS Manager 2.2(8l) (Available) UCS Manager 3.1(3j) (Available) UCS Manager 3.2(3g) (Available) UCS C-Series M3 Rack Servers - Managed UCS Manager 3.2(3g) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco IMC 3.0(4i) - (Available) Cisco IMC 2.0(9o) - (Available) Cisco UCS B-Series M4 Blade Servers (except B260, B460) CSCvm03351 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351"] Cisco UCS B-Series M4 Blade Servers (except B260 B460) UCS Manager 3.2(3e) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available) Cisco UCS S3260 M4 Storage Server - UCS Manager 3.1(3j) - (Available) Cisco UCS C-Series M4 Rack Servers Cisco IMC 3.0(4e) - (Available) Cisco IMC 2.0(10k) - (Available) Cisco UCS S3260 M4 Storage Server UCS Manager 3.2(3e) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available) Cisco UCS S3260 M4 Storage Cisco UCS B-Series M5 Blade Servers CSCvm03339 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03339"] Cisco UCS B-Series M5 Blade Servers UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M5 Rack Servers -Standalone Cisco IMC 3.1(2i) - (Available) Cisco UCS C-Series M5 Rack Servers - Managed UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M2 Rack Servers CSCvm02934 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02934"] Cisco UCS B-Series M2 Blade Servers - Managed UCS Manager 2.2(8l) - (Available) UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M2 Rack Servers - Managed UCS Manager 2.2(8l) - (Available) Cisco IMC 1.4(3z09)(Available) Cisco IMC 1.5(9f)(Available) Cisco UCS C-Series M3 Rack Servers - Managed CSCvm03356 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03356"] Cisco UCS B-Series M3 Blade Servers - Managed UCS Manager 2.2(8l) (Available) UCS Manager 3.1(3j) (Available) UCS Manager 3.2(3g) (Available) UCS C-Series M3 Rack Servers - Managed UCS Manager 3.2(3g) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco IMC 3.0(4i) - (Available) Cisco IMC 2.0(9o) - (Available) Cisco UCS C-Series M3 Rack Servers - Standalone CSCvm03357 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03357"] UCS Manager 3.2(3g) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco IMC 3.0(4i) - (Available) Cisco IMC 2.0(9o) - (Available) Cisco UCS C-Series M4 Rack Servers (except C460) - Standalone 1 CSCvm03353 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03353"] Cisco IMC 3.0(4e) - (Available) Cisco IMC 2.0(10k) - (Available) Cisco UCS C-Series M4 Rack Servers (except C460) -Managed 1 CSCvm03351 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351"] Cisco UCS B-Series M4 Blade Servers (except B260 B460) UCS Manager 3.2(3e) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available) Cisco UCS S3260 M4 Storage Server - UCS Manager 3.1(3j) - (Available) Cisco UCS C-Series M4 Rack Servers Cisco IMC 3.0(4e) - (Available) Cisco IMC 2.0(10k) - (Available) Cisco UCS S3260 M4 Storage Server UCS Manager 3.2(3e) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available) Cisco UCS S3260 M4 Storage Cisco UCS C-Series M5 Rack Servers - Managed 1 CSCvm03339 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03339"] Cisco UCS B-Series M5 Blade Servers UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M5 Rack Servers -Standalone Cisco IMC 3.1(2i) - (Available) Cisco UCS C-Series M5 Rack Servers - Managed UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M5 Rack Servers -Standalone 1 CSCvm03347 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03347"] Cisco UCS B-Series M5 Blade Servers UCS Manager 3.2(3g) - (Available) Cisco UCS C-Series M5 Rack Servers -Standalone Cisco IMC 3.1(2i) - (Available) Cisco UCS E-Series Servers CSCvm02902 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02902"] Cisco UCS S3260 M4 Storage Server CSCvm03351 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351"] Cisco UCS B-Series M4 Blade Servers (except B260 B460) UCS Manager 3.2(3e) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available) Cisco UCS S3260 M4 Storage Server - UCS Manager 3.1(3j) - (Available) Cisco UCS C-Series M4 Rack Servers Cisco IMC 3.0(4e) - (Available) Cisco IMC 2.0(10k) - (Available) Cisco UCS S3260 M4 Storage Server UCS Manager 3.2(3e) - (Available) UCS Manager 3.1(3j) - (Available) UCS Manager 2.2(8l) - (Available) Cisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available) Cisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available) Cisco UCS S3260 M4 Storage Voice and Unified Communications Devices Cisco Remote Expert Mobile CSCvm02994 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02994"] Video, Streaming, TelePresence, and Transcoding Devices Cisco Video Surveillance Media Server CSCvm04841 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm04841"] Cisco Cloud Hosted Services Cisco Metacloud CSCvm02969 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02969"] 1Cisco UCS M4 and M5 Rack Servers are used as part of the Cisco HyperFlex Solution.

Products Confirmed Not Vulnerable

The following Cisco products are considered not vulnerable to foreshadow or other identified L1 Terminal Fault-related vulnerabilities. Specific models in these product families may be affected and will be explicitly listed in the preceding Vulnerable Products ["#vp"] section. Routers Branch Routers Cisco 4000 Series Integrated Services Routers Cisco 1900 Series Integrated Services Routers Cisco 1800 Series Integrated Services Routers Cisco 1000 Series Integrated Services Routers Cisco 2900 Series Integrated Services Routers Cisco 3900 Series Integrated Services Routers Cisco 800 Series Routers Data Center Interconnect Platforms Cisco ASR 1000 Series Aggregation Services Routers Cisco Carrier Routing System Cisco Catalyst 6500 Series Switches Industrial Routers Cisco 2000 Series Connected Grid Routers Cisco 1000 Series Connected Grid Routers Cisco 900 Series Industrial Routers Cisco 800 Series Industrial Integrated Services Routers Cisco 500 Series WPAN Industrial Routers Cisco Wireless Gateway for LoRaWAN Cloud Networking Services Cisco Cloud Services Router 1000V Series Mobile Internet Routers Cisco 5900 Series Embedded Services Routers Cisco MWR 2900 Series Mobile Wireless Routers Service Provider Core Routers Cisco Carrier Routing System Cisco Network Convergence System 6000 Series Routers Service Provider Edge Routers Cisco 12000 Series Routers Cisco ASR 1000 Series Aggregation Services Routers Cisco ASR 920 Series Aggregation Services Router Cisco ASR 901 Series Aggregation Services Routers Cisco ASR 900 Series Aggregation Services Routers Cisco XR 12000 Series Router Cisco Network Convergence System 500 Series Routers Small Business Routers Cisco 1900 Series Integrated Services Routers Cisco 800 Series Routers Cisco Small Business RV Series Routers Virtual Routers Cisco Cloud Services Router 1000V Series Cisco WAN Aggregation and Internet Edge Routers Cisco ASR 1000 Series Aggregation Services Routers Cisco Catalyst 6500 Series Switches Switches Blade Switches Cisco Blade Switches for Dell Cisco Blade Switches for FSC Cisco Blade Switches for HP Cisco Nexus 4000 Series Switches Cisco Switch Modules for IBM Cisco SFS Solutions for Blade Switches Cisco SFS Solution for Dell Campus LAN Switches - Access Cisco Catalyst 4500 Series Switches Cisco Catalyst 3850 Series Switches Cisco Catalyst 3750 Series Switches Cisco Catalyst 2960-L Series Switches Cisco Catalyst 2960-Plus Series Switches Cisco Catalyst 2960-X Series Switches Cisco Edge Series Cisco Meraki Cloud Managed Switches Cisco Redundant Power Systems Campus LAN Switches - Core and Distribution Cisco Catalyst 9500 Series Switches Cisco Catalyst 6800 Series Switches Cisco Catalyst 6500 Series Switches Cisco Catalyst 6500 Virtual Switching System 1440 Cisco Catalyst 4900 Series Switches Cisco Catalyst 4500 Series Switches Cisco Catalyst 4500-X Series Switches Cisco Catalyst 3850 Series Switches Campus LAN Switches - Digital Building Cisco Catalyst 3560-CX Series Switches Cisco Catalyst 2960-C Series Switches Cisco Catalyst 2960-CX Series Switches Cisco Catalyst 2960-L Series Switches Cisco Catalyst Digital Building Series Switches Data Center Switches Cisco Nexus 2000 Series Fabric Extenders Cisco R Series Racks Cisco RP Series Power Distribution Units Cisco Data Center Network Management Cisco Data Center Network Manager Cisco Fabric Manager Cisco MDS 9000 Series Multilayer Switches Cisco Data Center Switches with Cisco IOS Software Cisco Catalyst 6500 Series Switches Cisco Catalyst 4900 Series Switches Cisco Energy and Asset Management Cisco Asset Management Suite Cisco Energy Management Suite Industrial Ethernet Switches Cisco 2500 Series Connected Grid Switches Cisco Embedded Service 2020 Series Switches Cisco Industrial Ethernet 5000 Series Switches Cisco Industrial Ethernet 4010 Series Switches Cisco Industrial Ethernet 4000 Series Switches Cisco Industrial Ethernet 3010 Series Switches Cisco Industrial Ethernet 3000 Series Switches Cisco Industrial Ethernet 2000 Series Switches Cisco Industrial Ethernet 2000U Series Switches Cisco Industrial Ethernet 1000 Series Switches InfiniBand Switches Cisco SFS 7000 Series InfiniBand Server Switches Cisco SFS 3500 Series Multifabric Server Switches Cisco SFS 3000 Series Multifabric Server Switches LAN Switches - Small Business Cisco 550X Series Stackable Managed Switches Cisco 350 Series Managed Switches Cisco 350X Series Stackable Managed Switches Cisco 250 Series Smart Switches Cisco 220 Series Smart Switches Cisco ESW2 Series Advanced Switches Cisco Small Business 300 Series Managed Switches Cisco Small Business 200 Series Smart Switches Cisco Small Business 110 Series Unmanaged Switches Cisco Small Business Smart Switches Cisco Small Business Stackable Managed Switches Cisco Small Business Unmanaged Switches Service Provider Switches - Aggregation Cisco Catalyst 6500 Series Switches Cisco Catalyst 4500 Series Switches Cisco ME 4900 Series Ethernet Switches Cisco ME 3800X Series Carrier Ethernet Switch Routers Service Provider Switches - Ethernet Access Cisco Catalyst 3750 Metro Series Switches Cisco ME 3600X Series Ethernet Access Switches Cisco ME 3400 Series Ethernet Access Switches Cisco ME 3400E Series Ethernet Access Switches Cisco ME 1200 Series Carrier Ethernet Access Devices Cisco Small Business Gigabit SP Switches Virtual Networking Cisco Application Centric Infrastructure Virtual Edge Cisco Application Virtual Switch Cisco Cloud Services Platform 2100 Cisco Nexus 1000V InterCloud Cisco Nexus 1000V Switch for KVM Cisco Nexus 1000V Switch for Microsoft Hyper-V Cisco Nexus 1000V Switch for VMware vSphere Cloud Networking Services Cisco Prime Virtual Network Analysis Module (vNAM) Cisco Virtual Security Gateway WAN Switches Cisco IGX 8400 Series Switches MGX Switches Cisco MGX 8900 Series Switches Cisco MGX 8850 Software Cisco MGX 8800 Series Switches Cisco MGX 8250 Software Cisco MGX 8200 Series Edge Concentrators Wireless Indoor Access Points Cisco Aironet 1815 Series Access Points Cisco Aironet 2800 Series Access Points Cisco Aironet 3800 Series Access Points Cisco Aironet 4800 Access Point Outdoor and Industrial Access Points Cisco Aironet 1540 Series Access Points Cisco Aironet 1560 Series Access Points Cisco Aironet 1570 Series Access Points Wireless LAN Controllers Cisco Virtual Wireless Controller Cisco Meraki Cloud Managed Access Points Security Cisco Cloud-Hosted Products Cisco AMP family of products and endpoint protection clients Cisco Cloud Security Cisco Cloudlock Cisco Umbrella Email Security Cisco Content Security Management Appliance Cisco Email Security Cisco Email Encryption Cisco Email Encryption Cisco Registered Envelope Service Firewalls Cisco 3000 Series Industrial Security Appliances (ISA) Cisco Meraki Cloud Managed Security Appliances Cisco Adaptive Security Appliances (ASA) Cisco Adaptive Security Virtual Appliance (ASAv) Firewall Management Cisco Adaptive Security Device Manager Cisco Firepower Device Manager Cisco Firepower Management Center Cisco Security Manager Next-Generation Firewalls (NGFW) Cisco ASA 5500-X with FirePOWER Services Cisco Firepower 9000 Series Cisco Firepower 4100 Series Cisco Firepower 2100 Series Network Security Cisco VPN Internal Service Module for ISR G2 Network Visibility and Segmentation Cisco ISE Passive Identity Connector Cisco Security Packet Analyzer Cisco Stealthwatch Cloud Cisco Stealthwatch Enterprise Next-Generation Intrusion Prevention System (NGIPS) Cisco FirePOWER 8000 Series Appliances Cisco FirePOWER 7000 Series Appliances Security Management Cisco Firepower Management Center Cisco Adaptive Security Device Manager Cisco Content Security Management Appliance Cisco Defense Orchestrator Unified Communications Cisco Business Edition 6000 - 100x80 Cisco Business Edition 6000 Cisco Jabber - 100x80 Cisco Jabber Cisco Expressway Customer Care Cisco Unified Contact Center Express Cisco Unified Contact Center Enterprise Cisco Finesse Cisco MediaSense Conferencing Cisco Meeting Server Cisco Webex Meeting Center Cisco Webex Meetings Server Cisco TelePresence Management Suite Cisco TelePresence Server Cisco TelePresence Conductor Collaboration Endpoints Cisco 8800 Series IP Phones Cisco 7800 Series IP Phones Cisco 6900 Series IP Phones Cisco 3900 Series SIP Phones Cisco Desktop Collaboration Experience - DX600 Series Cisco DX Series Cisco TelePresence SX10 Quick Set Cisco TelePresence MX Series Cisco TelePresence IX5000 Series Cisco Unified Computing Management Platforms Cisco Intersight Cisco UCS Manager Cisco UCS Central Cisco UCS Performance Manager IP Video Cisco Access Edge Cisco Cable Modem Termination Systems (CMTSs) Cisco RF Switches Cisco cBR Series Converged Broadband Routers Cisco uBR10000 Series Universal Broadband Routers Cisco uBR7225VXR Universal Broadband Routers Cisco uBR7200 Series Universal Broadband Routers No other Cisco IP video products are known to be affected. Internet of Things (IoT) Cisco Jasper Control Center Cisco IoT Management Cisco Application Enablement Cisco IoT Security Cisco Kinetic Cisco Extended Enterprise Cisco has investigated the following products and they are not considered to be affected by the vulnerabilities that are described in this advisory: Collaboration and Social Media Cisco Meeting Server Network Application, Service, and Acceleration Cisco Tetration Analytics Network and Content Security Devices Cisco Identity Services Engine (ISE) Cisco Umbrella Virtual Appliance Network Management and Provisioning Cisco Evolved Programmable Network Manager Cisco Policy Suite Cisco Prime Infrastructure Routing and Switching - Enterprise and Service Provider Cisco 1000 Series Connected Grid Routers Cisco 800 Series Industrial Integrated Services Routers Cisco Application Policy Infrastructure Controller (APIC) Cisco Catalyst 3650 Series Switches - IOx feature Cisco Nexus 4000 Series Blade Switches Cisco Nexus 9000 Series Fabric Switches - ACI mode Cisco Virtual Application Policy Infrastructure Controller (APIC) Unified Computing Cisco Common Services Platform Collector Cisco UCS Director Voice and Unified Communications Devices Cisco Meeting Management Cisco Unified Communications Manager Session Management Edition Cisco Unified Communications Manager Video, Streaming, TelePresence, and Transcoding Devices Cisco TelePresence Conductor Cisco TelePresence ISDN Gateway 3241 Cisco TelePresence ISDN Gateway MSE 8321 Cisco TelePresence MCU 4200 Series, 4500 Series, 5300 Series, MSE 8420, and MSE 8510 Cisco TelePresence Server 7010 and MSE 8710 Cisco TelePresence Server on Multiparty Media 310 and 320 Cisco TelePresence Server on Multiparty Media 820 Cisco TelePresence Server on Virtual Machine Cisco TelePresence Supervisor MSE 8050 Tandberg Codian ISDN Gateway 3210, 3220, and 3240 Tandberg Codian MSE 8320 Wireless Cisco Mobility Services Engine Cisco Wireless Gateway for LoRaWAN Cisco Wireless LAN Controller Cisco Cloud Hosted Services Cisco Cloudlock Cisco Hosted Collaboration Solution (HCS) for Government Cisco Umbrella Cisco Webex Teams (formerly Cisco Spark)

Workarounds

There are no workarounds that address this vulnerability.

Fixed Software

For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

CVE ID CVE-2018-3615 was reported to Intel by Raoul Strackx, Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, and Yuval Yarom. CVE ID CVE-2018-3620 and CVE-2018-3646 were discovered by Intel during the research of foreshadow.

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "CVE ID CVE-2018-3615 was reported to Intel by Raoul Strackx, Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, and Yuval Yarom.\r\n\r\nCVE ID CVE-2018-3620 and CVE-2018-3646 were discovered by Intel during the research of foreshadow."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "5On August 14th, 2018, three vulnerabilities were disclosed by Intel and security researchers that leverage a speculative execution side-channel method referred to as L1 Terminal Fault (L1TF) that affects modern Intel microprocessors. These vulnerabilities could allow an unprivileged, local attacker, in specific circumstances, to read privileged memory belonging to other processes.\r\nThe first vulnerability, CVE-2018-3615, affects Intel SGX technology and is referred to by the researchers who discovered it as foreshadow. This vulnerability is not known to affect any Cisco devices as the Cisco devices do not utilize Intel SGX technology.\r\n\r\nThe second vulnerability, CVE-2018-3620, and the third vulnerability, CVE-2018-3646, are referred to as L1 Terminal Fault attacks by Intel. These two vulnerabilities affect multi-core processors that leverage Intel Hyper-Threading technology supporting Operating System, System Management Mode, and Virtualized workloads. Like the previously disclosed Spectre vulnerabilities, all three new vulnerabilities leverage cache-timing attacks to infer any disclosed data.\r\n\r\nTo exploit any of these vulnerabilities, an attacker must be able to run crafted or script code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector from which to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor.\r\n\r\nA Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as the operating system or hypervisor, is patched against the vulnerabilities in question.\r\n\r\nAlthough Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. See the Affected Products [\"#ap\"] section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services.\r\n\r\nCisco will release software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.\r\n\r\nThis advisory is available at the following link:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel\"]",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "Any product or service not listed in the Vulnerable Products [\"#vp\"] section of this advisory is to be considered not vulnerable. The criteria for considering whether a product is vulnerable is explained in the Summary [\"#sum\"] section of this advisory.\r\n\r\nBecause this is an ongoing investigation, please be aware that products and services currently considered not vulnerable may subsequently be considered vulnerable as additional information becomes available.\r\n\r\n  Products Under Investigation  The following products are under active investigation to determine whether they are affected by the vulnerability that is described in this advisory:\r\n\r\nNetwork Application, Service, and Acceleration\r\n\r\nCisco Virtual Wide Area Application Services (vWAAS)\r\nCisco Wide Area Application Services (WAAS) Express\r\nCisco Wide Area Application Services (WAAS) Software\r\nNetwork and Content Security Devices\r\n\r\nCisco FireSIGHT System\r\nRouting and Switching - Enterprise and Service Provider\r\n\r\nCisco ASR 9000 XR 64-bit Series Routers\r\nCisco Industrial Ethernet 4000 Series Switches (IOx feature)\r\nCisco NCS 1000 Series Routers\r\nCisco NCS 5000 Series Routers\r\nCisco NCS 5500 Series Routers\r\nCisco XRv 9000 Series Routers",
        "title": "Affected Products"
      },
      {
        "category": "general",
        "text": "Product              Cisco Bug ID              Fixed Release Availability                                  Network Application, Service, and Acceleration                                  Cisco Cloud Services Platform 2100              CSCvm02914 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02914\"]\r\n                                  Routing and Switching - Enterprise and Service Provider                                  Cisco 4000 Series Integrated Services Routers (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco ASR 1000 Series Aggregation Services Router with RP2 or RP3 (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco ASR 1001-HX Series Aggregation Services Routers (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco ASR 1001-X Series Aggregation Services Routers (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco ASR 1002-HX Series Aggregation Services Routers (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco ASR 1002-X Series Aggregation Services Routers (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco Cloud Services Router 1000V Series (IOS XE Open Service Containers)              CSCvm02977 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977\"]\r\n                                  Cisco Nexus 3000 Series Switches              CSCvm02926 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02926\"]\r\n                                  Cisco Nexus 3500 Series Switches              CSCvm02929 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02929\"]\r\n                                  Cisco Nexus 5000 Series Switches              CSCvm02930 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02930\"]\r\n                                  Cisco Nexus 7000 Series Switches              CSCvm02924 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02924\"]\r\n                                  Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode              CSCvm02926 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02926\"]\r\n                                  Unified Computing                                  Cisco C880 M4 Server              CSCvm02911 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02911\"]\r\n                                  Cisco C880 M5 Server              CSCvm02911 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02911\"]\r\n                                  Cisco Enterprise NFV Infrastructure Software (NFVIS)              CSCvm02987 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02987\"]\r\n                                  Cisco HyperFlex System              CSCvm02920 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02920\"]\r\n                                  Cisco UCS B-Series M2 Blade Servers              CSCvm02934 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02934\"]              Cisco UCS B-Series M2 Blade Servers - Managed\r\nUCS Manager 2.2(8l) - (Available)\r\nUCS Manager 3.2(3g) - (Available)\r\nCisco UCS C-Series M2 Rack Servers - Managed\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco IMC 1.4(3z09)(Available)\r\nCisco IMC 1.5(9f)(Available)\r\n                                  Cisco UCS B-Series M3 Blade Servers - Managed              CSCvm03356 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03356\"]              Cisco UCS B-Series M3 Blade Servers - Managed\r\nUCS Manager 2.2(8l) (Available)\r\nUCS Manager 3.1(3j) (Available)\r\nUCS Manager 3.2(3g) (Available)\r\nUCS C-Series M3 Rack Servers - Managed\r\nUCS Manager 3.2(3g) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco IMC 3.0(4i) - (Available)\r\nCisco IMC 2.0(9o) - (Available)                                  Cisco UCS B-Series M4 Blade Servers (except B260, B460)              CSCvm03351 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351\"]              Cisco UCS B-Series M4 Blade Servers (except B260\r\nB460)\r\nUCS Manager 3.2(3e) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - UCS Manager 3.1(3j) - (Available)\r\nCisco UCS C-Series M4 Rack Servers\r\nCisco IMC 3.0(4e) - (Available)\r\nCisco IMC 2.0(10k) - (Available)\r\nCisco UCS S3260 M4 Storage Server\r\nUCS Manager 3.2(3e) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available)\r\nCisco UCS S3260 M4 Storage                                   Cisco UCS B-Series M5 Blade Servers              CSCvm03339 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03339\"]              Cisco UCS B-Series M5 Blade Servers\r\nUCS Manager 3.2(3g) - (Available)\r\nCisco UCS C-Series M5 Rack Servers -Standalone\r\nCisco IMC 3.1(2i) - (Available)\r\nCisco UCS C-Series M5 Rack Servers - Managed\r\nUCS Manager 3.2(3g) - (Available)\r\n                                  Cisco UCS C-Series M2 Rack Servers              CSCvm02934 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02934\"]              Cisco UCS B-Series M2 Blade Servers - Managed\r\nUCS Manager 2.2(8l) - (Available)\r\nUCS Manager 3.2(3g) - (Available)\r\nCisco UCS C-Series M2 Rack Servers - Managed\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco IMC 1.4(3z09)(Available)\r\nCisco IMC 1.5(9f)(Available)\r\n                                  Cisco UCS C-Series M3 Rack Servers - Managed              CSCvm03356 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03356\"]              Cisco UCS B-Series M3 Blade Servers - Managed\r\nUCS Manager 2.2(8l) (Available)\r\nUCS Manager 3.1(3j) (Available)\r\nUCS Manager 3.2(3g) (Available)\r\nUCS C-Series M3 Rack Servers - Managed\r\nUCS Manager 3.2(3g) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco IMC 3.0(4i) - (Available)\r\nCisco IMC 2.0(9o) - (Available)                                  Cisco UCS C-Series M3 Rack Servers - Standalone              CSCvm03357 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03357\"]              UCS Manager 3.2(3g) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco IMC 3.0(4i) - (Available)\r\nCisco IMC 2.0(9o) - (Available)                                  Cisco UCS C-Series M4 Rack Servers (except C460) - Standalone 1              CSCvm03353 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03353\"]              Cisco IMC 3.0(4e) - (Available)\r\nCisco IMC 2.0(10k) - (Available)                                  Cisco UCS C-Series M4 Rack Servers (except C460) -Managed 1              CSCvm03351 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351\"]              Cisco UCS B-Series M4 Blade Servers (except B260\r\nB460)\r\nUCS Manager 3.2(3e) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - UCS Manager 3.1(3j) - (Available)\r\nCisco UCS C-Series M4 Rack Servers\r\nCisco IMC 3.0(4e) - (Available)\r\nCisco IMC 2.0(10k) - (Available)\r\nCisco UCS S3260 M4 Storage Server\r\nUCS Manager 3.2(3e) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available)\r\nCisco UCS S3260 M4 Storage                                   Cisco UCS C-Series M5 Rack Servers - Managed 1              CSCvm03339 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03339\"]              Cisco UCS B-Series M5 Blade Servers\r\nUCS Manager 3.2(3g) - (Available)\r\nCisco UCS C-Series M5 Rack Servers -Standalone\r\nCisco IMC 3.1(2i) - (Available)\r\nCisco UCS C-Series M5 Rack Servers - Managed\r\nUCS Manager 3.2(3g) - (Available)\r\n                                  Cisco UCS C-Series M5 Rack Servers -Standalone 1              CSCvm03347 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03347\"]              Cisco UCS B-Series M5 Blade Servers\r\nUCS Manager 3.2(3g) - (Available)\r\nCisco UCS C-Series M5 Rack Servers -Standalone\r\nCisco IMC 3.1(2i) - (Available)                                  Cisco UCS E-Series Servers              CSCvm02902 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02902\"]\r\n                                  Cisco UCS S3260 M4 Storage Server              CSCvm03351 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351\"]              Cisco UCS B-Series M4 Blade Servers (except B260\r\nB460)\r\nUCS Manager 3.2(3e) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - UCS Manager 3.1(3j) - (Available)\r\nCisco UCS C-Series M4 Rack Servers\r\nCisco IMC 3.0(4e) - (Available)\r\nCisco IMC 2.0(10k) - (Available)\r\nCisco UCS S3260 M4 Storage Server\r\nUCS Manager 3.2(3e) - (Available)\r\nUCS Manager 3.1(3j) - (Available)\r\nUCS Manager 2.2(8l) - (Available)\r\nCisco UCS C-Series M4 Rack Servers - Managed (except C460) - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Managed - UCS Manager 3.2(3e) - (Available)\r\nCisco UCS S3260 M4 Storage Server - Standalone - Cisco IMC 3.0(4e) - (Available)\r\nCisco UCS S3260 M4 Storage                                   Voice and Unified Communications Devices                                  Cisco Remote Expert Mobile              CSCvm02994 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02994\"]\r\n                                  Video, Streaming, TelePresence, and Transcoding Devices                                  Cisco Video Surveillance Media Server              CSCvm04841 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm04841\"]\r\n                                  Cisco Cloud Hosted Services                                  Cisco Metacloud              CSCvm02969 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02969\"]\r\n\r\n\r\n1Cisco UCS M4 and M5 Rack Servers are used as part of the Cisco HyperFlex Solution.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "The following Cisco products are considered not vulnerable to foreshadow or other identified L1 Terminal Fault-related vulnerabilities. Specific models in these product families may be affected and will be explicitly listed in the preceding Vulnerable Products [\"#vp\"] section.\r\n  Routers  Branch Routers\r\nCisco 4000 Series Integrated Services Routers\r\n      Cisco 1900 Series Integrated Services Routers\r\n      Cisco 1800 Series Integrated Services Routers\r\n      Cisco 1000 Series Integrated Services Routers\r\nCisco 2900 Series Integrated Services Routers\r\nCisco 3900 Series Integrated Services Routers\r\n      Cisco 800 Series Routers\r\n\r\nData Center Interconnect Platforms\r\n\r\nCisco ASR 1000 Series Aggregation Services Routers\r\n      Cisco Carrier Routing System\r\n      Cisco Catalyst 6500 Series Switches\r\n\r\nIndustrial Routers\r\n\r\nCisco 2000 Series Connected Grid Routers\r\n      Cisco 1000 Series Connected Grid Routers\r\n      Cisco 900 Series Industrial Routers\r\n      Cisco 800 Series Industrial Integrated Services Routers\r\n      Cisco 500 Series WPAN Industrial Routers\r\n      Cisco Wireless Gateway for LoRaWAN\r\n\r\nCloud Networking Services\r\n\r\nCisco Cloud Services Router 1000V Series\r\n\r\nMobile Internet Routers\r\n\r\nCisco 5900 Series Embedded Services Routers\r\nCisco MWR 2900 Series Mobile Wireless Routers\r\n\r\nService Provider Core Routers\r\n\r\nCisco Carrier Routing System\r\n      Cisco Network Convergence System 6000 Series Routers\r\n\r\nService Provider Edge Routers\r\n\r\nCisco 12000 Series Routers\r\n      Cisco ASR 1000 Series Aggregation Services Routers\r\n      Cisco ASR 920 Series Aggregation Services Router\r\n      Cisco ASR 901 Series Aggregation Services Routers\r\n      Cisco ASR 900 Series Aggregation Services Routers\r\n      Cisco XR 12000 Series Router\r\n      Cisco Network Convergence System 500 Series Routers\r\n\r\nSmall Business Routers\r\n\r\nCisco 1900 Series Integrated Services Routers\r\n      Cisco 800 Series Routers\r\n      Cisco Small Business RV Series Routers\r\n\r\nVirtual Routers\r\n\r\nCisco Cloud Services Router 1000V Series\r\n      Cisco WAN Aggregation and Internet Edge Routers\r\n      Cisco ASR 1000 Series Aggregation Services Routers\r\n      Cisco Catalyst 6500 Series Switches\r\n  Switches\r\nBlade Switches\r\n\r\nCisco Blade Switches for Dell\r\n      Cisco Blade Switches for FSC\r\n      Cisco Blade Switches for HP\r\n      Cisco Nexus 4000 Series Switches\r\n      Cisco Switch Modules for IBM\r\n      Cisco SFS Solutions for Blade Switches\r\n      Cisco SFS Solution for Dell\r\n\r\nCampus LAN Switches - Access\r\n\r\n      Cisco Catalyst 4500 Series Switches\r\n      Cisco Catalyst 3850 Series Switches\r\n      Cisco Catalyst 3750 Series Switches\r\n      Cisco Catalyst 2960-L Series Switches\r\n      Cisco Catalyst 2960-Plus Series Switches\r\n      Cisco Catalyst 2960-X Series Switches\r\n      Cisco Edge Series\r\n      Cisco Meraki Cloud Managed Switches\r\n      Cisco Redundant Power Systems\r\n\r\nCampus LAN Switches - Core and Distribution\r\n\r\n      Cisco Catalyst 9500 Series Switches\r\nCisco Catalyst 6800 Series Switches\r\nCisco Catalyst 6500 Series Switches\r\nCisco Catalyst 6500 Virtual Switching System 1440\r\nCisco Catalyst 4900 Series Switches\r\nCisco Catalyst 4500 Series Switches\r\nCisco Catalyst 4500-X Series Switches\r\nCisco Catalyst 3850 Series Switches\r\n\r\n  Campus LAN Switches - Digital Building\r\n\r\n      Cisco Catalyst 3560-CX Series Switches\r\n      Cisco Catalyst 2960-C Series Switches\r\n      Cisco Catalyst 2960-CX Series Switches\r\n      Cisco Catalyst 2960-L Series Switches\r\n      Cisco Catalyst Digital Building Series Switches\r\n\r\nData Center Switches\r\n\r\n      Cisco Nexus 2000 Series Fabric Extenders\r\n      Cisco R Series Racks\r\n      Cisco RP Series Power Distribution Units\r\n      Cisco Data Center Network Management\r\n      Cisco Data Center Network Manager\r\n      Cisco Fabric Manager\r\nCisco MDS 9000 Series Multilayer Switches\r\n      Cisco Data Center Switches with Cisco IOS Software\r\n      Cisco Catalyst 6500 Series Switches\r\n      Cisco Catalyst 4900 Series Switches\r\n      Cisco Energy and Asset Management\r\n      Cisco Asset Management Suite\r\n      Cisco Energy Management Suite\r\n\r\nIndustrial Ethernet Switches\r\n\r\n      Cisco 2500 Series Connected Grid Switches\r\n      Cisco Embedded Service 2020 Series Switches\r\n      Cisco Industrial Ethernet 5000 Series Switches\r\n      Cisco Industrial Ethernet 4010 Series Switches\r\n      Cisco Industrial Ethernet 4000 Series Switches\r\n      Cisco Industrial Ethernet 3010 Series Switches\r\n      Cisco Industrial Ethernet 3000 Series Switches\r\n      Cisco Industrial Ethernet 2000 Series Switches\r\n      Cisco Industrial Ethernet 2000U Series Switches\r\n      Cisco Industrial Ethernet 1000 Series Switches\r\n\r\nInfiniBand Switches\r\n\r\n      Cisco SFS 7000 Series InfiniBand Server Switches\r\n      Cisco SFS 3500 Series Multifabric Server Switches\r\n      Cisco SFS 3000 Series Multifabric Server Switches\r\n\r\n LAN Switches - Small Business\r\n\r\n      Cisco 550X Series Stackable Managed Switches\r\n      Cisco 350 Series Managed Switches\r\n      Cisco 350X Series Stackable Managed Switches\r\n      Cisco 250 Series Smart Switches\r\n      Cisco 220 Series Smart Switches\r\n      Cisco ESW2 Series Advanced Switches\r\n      Cisco Small Business 300 Series Managed Switches\r\n      Cisco Small Business 200 Series Smart Switches\r\n      Cisco Small Business 110 Series Unmanaged Switches\r\n      Cisco Small Business Smart Switches\r\n      Cisco Small Business Stackable Managed Switches\r\n      Cisco Small Business Unmanaged Switches\r\n\r\nService Provider Switches - Aggregation\r\n\r\n      Cisco Catalyst 6500 Series Switches\r\n      Cisco Catalyst 4500 Series Switches\r\n      Cisco ME 4900 Series Ethernet Switches\r\n      Cisco ME 3800X Series Carrier Ethernet Switch Routers\r\n\r\nService Provider Switches - Ethernet Access\r\n\r\n      Cisco Catalyst 3750 Metro Series Switches\r\n      Cisco ME 3600X Series Ethernet Access Switches\r\n      Cisco ME 3400 Series Ethernet Access Switches\r\n      Cisco ME 3400E Series Ethernet Access Switches\r\n      Cisco ME 1200 Series Carrier Ethernet Access Devices\r\n      Cisco Small Business Gigabit SP Switches\r\n\r\nVirtual Networking\r\n\r\n      Cisco Application Centric Infrastructure Virtual Edge\r\n      Cisco Application Virtual Switch\r\n      Cisco Cloud Services Platform 2100\r\n      Cisco Nexus 1000V InterCloud\r\n      Cisco Nexus 1000V Switch for KVM\r\n      Cisco Nexus 1000V Switch for Microsoft Hyper-V\r\n      Cisco Nexus 1000V Switch for VMware vSphere\r\n\r\nCloud Networking Services\r\n\r\nCisco Prime Virtual Network Analysis Module (vNAM)\r\n      Cisco Virtual Security Gateway\r\n\r\nWAN Switches\r\n\r\n      Cisco IGX 8400 Series Switches\r\n\r\nMGX Switches\r\n\r\n      Cisco MGX 8900 Series Switches\r\nCisco MGX 8850 Software\r\nCisco MGX 8800 Series Switches\r\nCisco MGX 8250 Software\r\nCisco MGX 8200 Series Edge Concentrators\r\n  Wireless\r\nIndoor Access Points\r\n\r\nCisco Aironet 1815 Series Access Points\r\n      Cisco Aironet 2800 Series Access Points\r\n      Cisco Aironet 3800 Series Access Points\r\n      Cisco Aironet 4800 Access Point\r\n\r\nOutdoor and Industrial Access Points\r\n\r\nCisco Aironet 1540 Series Access Points\r\n      Cisco Aironet 1560 Series Access Points\r\n      Cisco Aironet 1570 Series Access Points\r\n\r\nWireless LAN Controllers\r\n\r\nCisco Virtual Wireless Controller\r\nCisco Meraki Cloud Managed Access Points\r\n  Security\r\nCisco Cloud-Hosted Products\r\n\r\nCisco AMP family of products and endpoint protection clients\r\nCisco Cloud Security\r\nCisco Cloudlock\r\nCisco Umbrella\r\n\r\nEmail Security\r\n\r\nCisco Content Security Management Appliance\r\nCisco Email Security\r\nCisco Email Encryption\r\nCisco Email Encryption\r\nCisco Registered Envelope Service\r\n\r\nFirewalls\r\n\r\nCisco 3000 Series Industrial Security Appliances (ISA)\r\nCisco Meraki Cloud Managed Security Appliances\r\nCisco Adaptive Security Appliances (ASA)\r\nCisco Adaptive Security Virtual Appliance (ASAv)\r\n\r\nFirewall Management\r\n\r\nCisco Adaptive Security Device Manager\r\n      Cisco Firepower Device Manager\r\n      Cisco Firepower Management Center\r\n      Cisco Security Manager\r\n  Next-Generation Firewalls (NGFW)\r\nCisco ASA 5500-X with FirePOWER Services\r\n      Cisco Firepower 9000 Series\r\n      Cisco Firepower 4100 Series\r\n      Cisco Firepower 2100 Series\r\n\r\nNetwork Security\r\n\r\nCisco VPN Internal Service Module for ISR G2\r\n\r\nNetwork Visibility and Segmentation\r\n\r\nCisco ISE Passive Identity Connector\r\n      Cisco Security Packet Analyzer\r\n      Cisco Stealthwatch Cloud\r\n      Cisco Stealthwatch Enterprise\r\n\r\nNext-Generation Intrusion Prevention System (NGIPS)\r\n\r\nCisco FirePOWER 8000 Series Appliances\r\n      Cisco FirePOWER 7000 Series Appliances\r\n\r\nSecurity Management\r\n\r\nCisco Firepower Management Center\r\nCisco Adaptive Security Device Manager\r\nCisco Content Security Management Appliance\r\nCisco Defense Orchestrator\r\n  Unified Communications\r\nCisco Business Edition 6000 - 100x80\r\nCisco Business Edition 6000\r\nCisco Jabber - 100x80\r\nCisco Jabber\r\nCisco Expressway\r\n  Customer Care\r\nCisco Unified Contact Center Express\r\nCisco Unified Contact Center Enterprise\r\nCisco Finesse\r\nCisco MediaSense\r\n  Conferencing\r\nCisco Meeting Server\r\nCisco Webex Meeting Center\r\n      Cisco Webex Meetings Server\r\n      Cisco TelePresence Management Suite\r\n      Cisco TelePresence Server\r\n      Cisco TelePresence Conductor\r\n  Collaboration Endpoints\r\nCisco 8800 Series IP Phones\r\nCisco 7800 Series IP Phones\r\nCisco 6900 Series IP Phones\r\nCisco 3900 Series SIP Phones\r\nCisco Desktop Collaboration Experience - DX600 Series\r\nCisco DX Series\r\nCisco TelePresence SX10 Quick Set\r\nCisco TelePresence MX Series\r\nCisco TelePresence IX5000 Series\r\n  Cisco Unified Computing Management Platforms\r\nCisco Intersight\r\nCisco UCS Manager\r\nCisco UCS Central\r\nCisco UCS Performance Manager\r\n  IP Video\r\nCisco Access Edge\r\nCisco Cable Modem Termination Systems (CMTSs)\r\nCisco RF Switches\r\nCisco cBR Series Converged Broadband Routers\r\nCisco uBR10000 Series Universal Broadband Routers\r\nCisco uBR7225VXR Universal Broadband Routers\r\nCisco uBR7200 Series Universal Broadband Routers\r\n\r\nNo other Cisco IP video products are known to be affected.\r\n  Internet of Things (IoT)\r\nCisco Jasper Control Center\r\nCisco IoT Management\r\nCisco Application Enablement\r\nCisco IoT Security\r\nCisco Kinetic\r\nCisco Extended Enterprise\r\n\r\nCisco has investigated the following products and they are not considered to be affected by the vulnerabilities that are described in this advisory:\r\n  Collaboration and Social Media\r\n\r\nCisco Meeting Server\r\nNetwork Application, Service, and Acceleration\r\n\r\nCisco Tetration Analytics\r\nNetwork and Content Security Devices\r\n\r\nCisco Identity Services Engine (ISE)\r\nCisco Umbrella Virtual Appliance\r\nNetwork Management and Provisioning\r\n\r\nCisco Evolved Programmable Network Manager\r\nCisco Policy Suite\r\nCisco Prime Infrastructure\r\nRouting and Switching - Enterprise and Service Provider\r\n\r\nCisco 1000 Series Connected Grid Routers\r\nCisco 800 Series Industrial Integrated Services Routers\r\nCisco Application Policy Infrastructure Controller (APIC)\r\nCisco Catalyst 3650 Series Switches - IOx feature\r\nCisco Nexus 4000 Series Blade Switches\r\nCisco Nexus 9000 Series Fabric Switches - ACI mode\r\nCisco Virtual Application Policy Infrastructure Controller (APIC)\r\nUnified Computing\r\n\r\nCisco Common Services Platform Collector\r\nCisco UCS Director\r\nVoice and Unified Communications Devices\r\n\r\nCisco Meeting Management\r\nCisco Unified Communications Manager Session Management Edition\r\nCisco Unified Communications Manager\r\nVideo, Streaming, TelePresence, and Transcoding Devices\r\n\r\nCisco TelePresence Conductor\r\nCisco TelePresence ISDN Gateway 3241\r\nCisco TelePresence ISDN Gateway MSE 8321\r\nCisco TelePresence MCU 4200 Series, 4500 Series, 5300 Series, MSE 8420, and MSE 8510\r\nCisco TelePresence Server 7010 and MSE 8710\r\nCisco TelePresence Server on Multiparty Media 310 and 320\r\nCisco TelePresence Server on Multiparty Media 820\r\nCisco TelePresence Server on Virtual Machine\r\nCisco TelePresence Supervisor MSE 8050\r\nTandberg Codian ISDN Gateway 3210, 3220, and 3240\r\nTandberg Codian MSE 8320\r\nWireless\r\n\r\nCisco Mobility Services Engine\r\nCisco Wireless Gateway for LoRaWAN\r\nCisco Wireless LAN Controller\r\nCisco Cloud Hosted Services\r\n\r\nCisco Cloudlock\r\nCisco Hosted Collaboration Solution (HCS) for Government\r\nCisco Umbrella\r\nCisco Webex Teams (formerly Cisco Spark)",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "For information about fixed software releases, consult the Cisco bug ID(s) at the top of this advisory.\r\n\r\nWhen considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "CVE ID CVE-2018-3615 was reported to Intel by Raoul Strackx, Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, and Yuval Yarom.\r\n\r\nCVE ID CVE-2018-3620 and CVE-2018-3646 were discovered by Intel during the research of foreshadow.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Emergency Support:\r\n+1 877 228 7302 (toll-free within North America)\r\n+1 408 525 6532 (International direct-dial)\r\nNon-emergency Support:\r\nEmail: psirt@cisco.com\r\nSupport requests that are received via e-mail are typically acknowledged within 48 hours.",
      "issuing_authority": "Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.\r\nMore information can be found in Cisco Security Vulnerability Policy available at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
      },
      {
        "category": "external",
        "summary": "CSCvm02914",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02914"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02977",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02977"
      },
      {
        "category": "external",
        "summary": "CSCvm02926",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02926"
      },
      {
        "category": "external",
        "summary": "CSCvm02929",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02929"
      },
      {
        "category": "external",
        "summary": "CSCvm02930",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02930"
      },
      {
        "category": "external",
        "summary": "CSCvm02924",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02924"
      },
      {
        "category": "external",
        "summary": "CSCvm02926",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02926"
      },
      {
        "category": "external",
        "summary": "CSCvm02911",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02911"
      },
      {
        "category": "external",
        "summary": "CSCvm02911",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02911"
      },
      {
        "category": "external",
        "summary": "CSCvm02987",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02987"
      },
      {
        "category": "external",
        "summary": "CSCvm02920",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02920"
      },
      {
        "category": "external",
        "summary": "CSCvm02934",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02934"
      },
      {
        "category": "external",
        "summary": "CSCvm03356",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03356"
      },
      {
        "category": "external",
        "summary": "CSCvm03351",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351"
      },
      {
        "category": "external",
        "summary": "CSCvm03339",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03339"
      },
      {
        "category": "external",
        "summary": "CSCvm02934",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02934"
      },
      {
        "category": "external",
        "summary": "CSCvm03356",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03356"
      },
      {
        "category": "external",
        "summary": "CSCvm03357",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03357"
      },
      {
        "category": "external",
        "summary": "CSCvm03353",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03353"
      },
      {
        "category": "external",
        "summary": "CSCvm03351",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351"
      },
      {
        "category": "external",
        "summary": "CSCvm03339",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03339"
      },
      {
        "category": "external",
        "summary": "CSCvm03347",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03347"
      },
      {
        "category": "external",
        "summary": "CSCvm02902",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02902"
      },
      {
        "category": "external",
        "summary": "CSCvm03351",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm03351"
      },
      {
        "category": "external",
        "summary": "CSCvm02994",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02994"
      },
      {
        "category": "external",
        "summary": "CSCvm04841",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm04841"
      },
      {
        "category": "external",
        "summary": "CSCvm02969",
        "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm02969"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories and Alerts page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      }
    ],
    "title": "CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
    "tracking": {
      "current_release_date": "2018-08-31T20:37:00+00:00",
      "generator": {
        "date": "2022-09-03T03:40:56+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-20180814-cpusidechannel",
      "initial_release_date": "2018-08-14T17:00:00+00:00",
      "revision_history": [
        {
          "date": "2018-08-14T18:24:35+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        },
        {
          "date": "2018-08-15T20:28:21+00:00",
          "number": "1.1.0",
          "summary": "Updated Affected Products Sections: Under Investigation, Confirmed Vulnerable, and Confirmed Not Vulnerable."
        },
        {
          "date": "2018-08-17T20:17:13+00:00",
          "number": "1.2.0",
          "summary": "Removed SGX reference to UCS in the Summary section, no shipping UCS products currently support SGX technology. Updated Affected Products sections: Products Under Investigation, Confirmed Vulnerable, and Confirmed Not Vulnerable."
        },
        {
          "date": "2018-08-22T18:39:04+00:00",
          "number": "1.3.0",
          "summary": "Updated the Products Under Investigation, Confirmed Vulnerable, and Confirmed Not Vulnerable sections."
        },
        {
          "date": "2018-08-28T19:36:37+00:00",
          "number": "1.4.0",
          "summary": "Updated the Products Under Investigation, Confirmed Vulnerable, and Confirmed Not Vulnerable sections."
        },
        {
          "date": "2018-08-31T20:37:06+00:00",
          "number": "1.5.0",
          "summary": "Updated the Products Under Investigation, Confirmed Vulnerable, and Confirmed Not Vulnerable sections."
        }
      ],
      "status": "interim",
      "version": "1.5.0"
    }
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-3615",
      "notes": [
        {
          "category": "general",
          "text": "No additional information for this vulneraiblity is currently avaialbe.",
          "title": "No Notes"
        }
      ],
      "release_date": "2018-08-14T02:02:00+00:00",
      "remediations": [
        {
          "category": "none_available",
          "details": "No remediation is available at this time."
        }
      ],
      "title": "Modern CPU L1 Terminal Fault - SGX"
    },
    {
      "cve": "CVE-2018-3620",
      "notes": [
        {
          "category": "general",
          "text": "No additional information for this vulneraiblity is currently avaialbe.",
          "title": "No Notes"
        }
      ],
      "release_date": "2018-08-14T02:08:00+00:00",
      "remediations": [
        {
          "category": "none_available",
          "details": "No remediation is available at this time."
        }
      ],
      "title": "Modern CPU L1 Terminal Fault - Operating System and System Management Mode"
    },
    {
      "cve": "CVE-2018-3646",
      "notes": [
        {
          "category": "general",
          "text": "No additional information for this vulneraiblity is currently avaialbe.",
          "title": "No Notes"
        }
      ],
      "release_date": "2018-08-14T02:12:00+00:00",
      "remediations": [
        {
          "category": "none_available",
          "details": "No remediation is available at this time."
        }
      ],
      "title": "Modern CPU L1 Terminal Fault - Virtual Machine Mode"
    }
  ]
}

ghsa-9w6j-7396-jgw4

Vulnerability from github

Published

2022-05-13 01:20

Modified

2022-05-13 01:20

Severity ?

6.4 (Medium) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-3615"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-14T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.",
  "id": "GHSA-9w6j-7396-jgw4",
  "modified": "2022-05-13T01:20:08Z",
  "published": "2022-05-13T01:20:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3615"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
    },
    {
      "type": "WEB",
      "url": "https://foreshadowattack.eu"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20180815-0001"
    },
    {
      "type": "WEB",
      "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K35558453"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/982149"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/support/security/Synology_SA_18_45"
    },
    {
      "type": "WEB",
      "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105080"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041451"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2018-3615

Vulnerability from fkie_nvd

Published

2018-08-14 19:29

Modified

2024-11-21 04:05

Severity ?

6.4 (Medium) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

Summary

References

URL	Tags
secure@intel.com	http://support.lenovo.com/us/en/solutions/LEN-24163	Third Party Advisory
secure@intel.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en	Third Party Advisory
secure@intel.com	http://www.securityfocus.com/bid/105080	Third Party Advisory, VDB Entry
secure@intel.com	http://www.securitytracker.com/id/1041451	Third Party Advisory, VDB Entry
secure@intel.com	https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
secure@intel.com	https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
secure@intel.com	https://foreshadowattack.eu/	Technical Description, Third Party Advisory
secure@intel.com	https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
secure@intel.com	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008	Third Party Advisory
secure@intel.com	https://security.netapp.com/advisory/ntap-20180815-0001/	Third Party Advisory
secure@intel.com	https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault	Mitigation, Vendor Advisory
secure@intel.com	https://support.f5.com/csp/article/K35558453	Third Party Advisory
secure@intel.com	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us	Third Party Advisory
secure@intel.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel	Third Party Advisory
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html	Vendor Advisory
secure@intel.com	https://www.kb.cert.org/vuls/id/982149	Third Party Advisory
secure@intel.com	https://www.synology.com/support/security/Synology_SA_18_45	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.lenovo.com/us/en/solutions/LEN-24163	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105080	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041451	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
af854a3a-2127-422b-91ae-364da2661108	https://foreshadowattack.eu/	Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
af854a3a-2127-422b-91ae-364da2661108	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20180815-0001/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K35558453	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/982149	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.synology.com/support/security/Synology_SA_18_45	Third Party Advisory

Impacted products

Vendor	Product	Version
intel	core_i3	6006u
intel	core_i3	6098p
intel	core_i3	6100
intel	core_i3	6100e
intel	core_i3	6100h
intel	core_i3	6100t
intel	core_i3	6100te
intel	core_i3	6100u
intel	core_i3	6102e
intel	core_i3	6157u
intel	core_i3	6167u
intel	core_i3	6300
intel	core_i3	6300t
intel	core_i3	6320
intel	core_i5	650
intel	core_i5	655k
intel	core_i5	660
intel	core_i5	661
intel	core_i5	670
intel	core_i5	680
intel	core_i5	6200u
intel	core_i5	6260u
intel	core_i5	6267u
intel	core_i5	6287u
intel	core_i5	6300hq
intel	core_i5	6300u
intel	core_i5	6350hq
intel	core_i5	6360u
intel	core_i5	6400
intel	core_i5	6400t
intel	core_i5	6402p
intel	core_i5	6440eq
intel	core_i5	6440hq
intel	core_i5	6442eq
intel	core_i5	6500
intel	core_i5	6500t
intel	core_i5	6500te
intel	core_i5	6585r
intel	core_i5	6600
intel	core_i5	6600k
intel	core_i5	6600t
intel	core_i5	6685r
intel	core_i7	610e
intel	core_i7	620le
intel	core_i7	620lm
intel	core_i7	620m
intel	core_i7	620ue
intel	core_i7	620um
intel	core_i7	640lm
intel	core_i7	640m
intel	core_i7	640um
intel	core_i7	660lm
intel	core_i7	660ue
intel	core_i7	660um
intel	core_i7	680um
intel	core_i5	750
intel	core_i5	750s
intel	core_i5	760
intel	core_i7	7y75
intel	core_i7	720qm
intel	core_i7	740qm
intel	core_i7	7500u
intel	core_i7	7560u
intel	core_i7	7567u
intel	core_i7	7600u
intel	core_i7	7660u
intel	core_i7	7700
intel	core_i7	7700hq
intel	core_i7	7700k
intel	core_i7	7700t
intel	core_i7	7820eq
intel	core_i7	7820hk
intel	core_i7	7820hq
intel	core_i7	7920hq
intel	core_i3	8100
intel	core_i3	8350k
intel	core_i5	8250u
intel	core_i5	8350u
intel	core_i5	8400
intel	core_i5	8600k
intel	core_i7	820qm
intel	core_i7	840qm
intel	core_i7	860
intel	core_i7	860s
intel	core_i7	870
intel	core_i7	870s
intel	core_i7	875k
intel	core_i7	880
intel	core_i7	8550u
intel	core_i7	8650u
intel	core_i7	8700
intel	core_i7	8700k
intel	xeon_e3	1515m_v5
intel	xeon_e3	1535m_v5
intel	xeon_e3	1545m_v5
intel	xeon_e3	1558l_v5
intel	xeon_e3	1565l_v5
intel	xeon_e3	1575m_v5
intel	xeon_e3	1578l_v5
intel	xeon_e3	1585_v5
intel	xeon_e3	1585l_v5
intel	xeon_e3_1220_v5	-
intel	xeon_e3_1225_v5	-
intel	xeon_e3_1230_v5	-
intel	xeon_e3_1235l_v5	-
intel	xeon_e3_1240_v5	-
intel	xeon_e3_1240l_v5	-
intel	xeon_e3_1245_v5	-
intel	xeon_e3_1260l_v5	-
intel	xeon_e3_1268l_v5	-
intel	xeon_e3_1270_v5	-
intel	xeon_e3_1275_v5	-
intel	xeon_e3_1280_v5	-
intel	xeon_e3_1505l_v5	-
intel	xeon_e3_1505m_v5	-
intel	xeon_e3	1505m_v6
intel	xeon_e3	1535m_v6
intel	xeon_e3_1220_v6	-
intel	xeon_e3_1225_v6	-
intel	xeon_e3_1230_v6	-
intel	xeon_e3_1240_v6	-
intel	xeon_e3_1245_v6	-
intel	xeon_e3_1270_v6	-
intel	xeon_e3_1275_v6	-
intel	xeon_e3_1280_v6	-
intel	xeon_e3_1285_v6	-
intel	xeon_e3_1501l_v6	-
intel	xeon_e3_1501m_v6	-
intel	xeon_e3_1505l_v6	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAC76F31-00A5-4719-AA50-92F773919B3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*",
              "matchCriteriaId": "49996F5A-51B2-4D4E-AE04-E98E093A76CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F8406B0-D1E5-4633-B17E-53DC99FE7622",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D49435C-7C33-454B-9F43-9C10F28A28A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*",
              "matchCriteriaId": "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED44A404-8548-4EDC-8928-4094D05A6A38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2AAD8F0-0D31-4806-8A88-A30E5BE43630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*",
              "matchCriteriaId": "8164EE5F-6ABA-4365-8718-2F98C2E57A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A06696D-37F0-427D-BFC5-1606E7441C31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AB02172-B9A7-4801-88F2-98BF5843184A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*",
              "matchCriteriaId": "5141380E-BD18-47C1-A84C-384BA821773D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE6C49E-2359-4E44-9979-7D34F8460E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*",
              "matchCriteriaId": "C004B75F-37AF-4E61-98F3-1B09A7062DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7126D19-C6D9-43CB-8809-647B1A20E7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CC98503-A80A-4114-8BF2-E016659BE84E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*",
              "matchCriteriaId": "758A14DB-1BAF-442A-BA7C-5E9C67847BEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*",
              "matchCriteriaId": "61309100-CFA7-4607-A236-8910838AA057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D76265-7BD0-4C51-AE77-22B22524DE81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE38B195-BB8D-4747-881D-E8033760B4C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AA8BE76-168D-48A3-8DF6-E91F44600408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B656975-5D71-4712-9820-BDB7BC248AFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA045267-114D-4587-B6D7-E273C28DC9B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*",
              "matchCriteriaId": "77018415-E122-406E-896D-1BC6CF790BE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4E1C012-3E05-44DB-B6D2-BFD619C034B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*",
              "matchCriteriaId": "15D689D6-8594-42F2-8EEF-DCAEBA885A67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6446000-0494-4DC5-ABAA-F20A44546068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B94EEC-6690-45D0-B086-F4A5B25C25CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*",
              "matchCriteriaId": "832AB3CD-E3A1-4CCB-A210-287973563D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C4221A-9994-43B3-9C7A-E13815A50A10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*",
              "matchCriteriaId": "20070B1D-B91C-40BA-A9D8-E80170A2933F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*",
              "matchCriteriaId": "A70129C9-371F-4542-A388-C095869E593A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A5EC79-1B21-4BB3-8791-73507BC8D4DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0387587-AAB6-4284-8516-4DA3E3582D30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*",
              "matchCriteriaId": "A238C975-9196-449F-9C15-ABB2E9FD1D06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F17F4A5-120B-4E00-97C8-8A85841ACBC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*",
              "matchCriteriaId": "2537F047-64C9-4E73-B82C-310253184183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A55857C-649D-46CE-AEDA-6E553E554FC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA4892D-AFDF-4441-821E-5EBF7F64C9F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*",
              "matchCriteriaId": "327E06A3-7F0E-4498-8811-10C8D15398FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*",
              "matchCriteriaId": "1624E6D6-858E-4085-B0B9-362B819EFD88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D61F4A-40F0-477C-8326-7359D3626E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*",
              "matchCriteriaId": "1455B4DE-7F1C-4CF2-AE02-2EDD20025D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B215788-860B-46CD-9A08-43AFF98FAEAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*",
              "matchCriteriaId": "3821412D-B010-49C4-A7B4-6C5FB6C603B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4EB132B-000C-4A17-AFB3-19F40A73D2CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*",
              "matchCriteriaId": "6158ED8A-007E-48B7-99BF-8BA03BF584BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA7096A-F321-49A0-911A-F9683ABE6E6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A471395-7F8F-4BA5-962D-4D8F271FAB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9484380-92B9-44DB-8E20-DC8DE02D1CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*",
              "matchCriteriaId": "8010808D-805D-4CA3-9EA2-55EB1E57964C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*",
              "matchCriteriaId": "9716FE9F-A056-42A3-A241-F2FE37A6386A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*",
              "matchCriteriaId": "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A96A5AF-C9EF-4DED-AE25-4540A2B02915",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5115B12-053A-4866-A833-D6EC88D8F93E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5619D4D-9685-4595-8A5F-A18273FE4213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAA3457E-7E1A-4878-9752-79382E954A66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*",
              "matchCriteriaId": "68630C63-4457-4E12-B7BD-AD456B237FC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*",
              "matchCriteriaId": "68A76015-0A05-4EC7-B136-DC13B55D881F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*",
              "matchCriteriaId": "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C4DE25F-168A-4C67-8B66-09F61F072BD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*",
              "matchCriteriaId": "58157F24-D89E-4552-8CE6-2F01E98BD1E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*",
              "matchCriteriaId": "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4815AE-B635-4545-83C2-5EC4E0128337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0046C06-E3E6-4674-A4D1-332DD29D9552",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C191851-3DC3-41C7-AD89-81F091CCC83A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*",
              "matchCriteriaId": "21126922-8E81-47F4-82D4-CBCDDACEC4FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*",
              "matchCriteriaId": "209E18B0-BBB5-4C65-B336-44340F7740DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*",
              "matchCriteriaId": "C867C0B8-91A4-482A-B7DD-54AB9599AE52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F03843-8A51-4CE1-BE6C-994BDE3A8F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*",
              "matchCriteriaId": "09854948-2657-4261-A32A-0523058F072E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FB5695-2950-4CEC-81B4-FD280F835330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F340AF8-508F-449D-9AFA-4E55F069B4F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*",
              "matchCriteriaId": "E944410E-D674-4141-B50C-9F55090325FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "687C3BF3-D71A-49AD-8A05-EAC07CBCD949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "90AF90D9-16C4-4F8A-9868-3E2823E3445C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "64596ED7-794A-4D23-987B-D9AD59D48EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2E52BA6-2F2F-4CD2-A601-5B0ADDE5E23F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FDA48F0-0F35-4A8F-8117-B0B28E00AB95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A561A8E8-79E2-4071-B57D-590C22EF86A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E46658-60AB-4758-9236-3AC0E6464383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "207B8FBA-E2FF-485A-9AD9-E604AE0FB903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F99640-C753-40BE-A0A1-4C2D92E7DB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EF7EC93-0170-45A9-86C7-5460320B2AE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9FF7FB-AB5A-4549-8C15-E69458C649E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79C2131-5566-4CC2-B6ED-38E3F6964500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "605D7552-8184-4B11-96FD-FE501A6C97DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7165B43-ED22-4714-8FA4-1E201D1BFA69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13878C13-1C7C-4B83-AF27-4998E8F659DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C48BBAF-6B27-43D6-B86B-40CD8E7BA056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DB08C8-0018-4A8E-A206-097BDDF83B08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B1BD2B6-1AF6-4AD4-94FA-94B453A21908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F585E-BDEF-45EE-B0AB-94FE23753AC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
              "matchCriteriaId": "44AA72FB-E78D-419E-AA82-B0538C6504D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C063C53-8970-45B1-85F8-FB2080BF4695",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CEF6608-B650-4C77-9823-0AD57B3484F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3144BBDE-CC96-4408-AA02-ECC3BF902A34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75AD7649-3FEA-4971-9886-6C9312B937A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C07E80D5-70A5-49C9-9044-D683C7ECCFF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D75D0EEB-707C-4C86-A569-E91E9F00BA77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7193E85-30BE-42D5-A26B-3F88817F3574",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A371DF9-E224-404F-99C2-C2A4607E62D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6215EBAC-7C75-4647-9970-482120897F1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3357FCAC-B6C4-4E3E-A40B-AB5084A7F9B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D1FD6E8-80EC-461F-9ED1-CE5912399E80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
    },
    {
      "lang": "es",
      "value": "Los sistemas con microprocesadores que emplean ejecuci\u00f3n especulativa y extensiones Intel software guard (Intel SGX) podr\u00eda permitir la fuga no autorizada de informaci\u00f3n que reside en la cach\u00e9 de datos L1 desde un enclave a un atacante con acceso de usuario local mediante un an\u00e1lisis de canal lateral."
    }
  ],
  "id": "CVE-2018-3615",
  "lastModified": "2024-11-21T04:05:46.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 7.8,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 4.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-08-14T19:29:00.670",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105080"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041451"
    },
    {
      "source": "secure@intel.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
    },
    {
      "source": "secure@intel.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://foreshadowattack.eu/"
    },
    {
      "source": "secure@intel.com",
      "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K35558453"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.kb.cert.org/vuls/id/982149"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.synology.com/support/security/Synology_SA_18_45"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://foreshadowattack.eu/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K35558453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.kb.cert.org/vuls/id/982149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.synology.com/support/security/Synology_SA_18_45"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2018-3615

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-3615

Aliases

CVE-2018-3615

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-3615",
    "description": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.",
    "id": "GSD-2018-3615",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-3615.html",
      "https://advisories.mageia.org/CVE-2018-3615.html",
      "https://security.archlinux.org/CVE-2018-3615",
      "https://alas.aws.amazon.com/cve/html/CVE-2018-3615.html",
      "https://linux.oracle.com/cve/CVE-2018-3615.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-3615"
      ],
      "details": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.",
      "id": "GSD-2018-3615",
      "modified": "2023-12-13T01:22:43.095049Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2018-08-14T00:00:00",
        "ID": "CVE-2018-3615",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Multiple",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Multiple"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "VU#982149",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/982149"
          },
          {
            "name": "1041451",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041451"
          },
          {
            "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
            "refsource": "CONFIRM",
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
          },
          {
            "name": "105080",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105080"
          },
          {
            "name": "https://foreshadowattack.eu/",
            "refsource": "MISC",
            "url": "https://foreshadowattack.eu/"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
          },
          {
            "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
          },
          {
            "name": "https://support.f5.com/csp/article/K35558453",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K35558453"
          },
          {
            "name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
            "refsource": "CONFIRM",
            "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
          },
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
          },
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
            "refsource": "CONFIRM",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
          },
          {
            "name": "https://www.synology.com/support/security/Synology_SA_18_45",
            "refsource": "CONFIRM",
            "url": "https://www.synology.com/support/security/Synology_SA_18_45"
          },
          {
            "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
          },
          {
            "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
            "refsource": "CONFIRM",
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
          },
          {
            "name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
            "refsource": "CONFIRM",
            "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-3615"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-203"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03874en_us"
            },
            {
              "name": "1041451",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041451"
            },
            {
              "name": "105080",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105080"
            },
            {
              "name": "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
              "refsource": "CISCO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"
            },
            {
              "name": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault",
              "refsource": "CONFIRM",
              "tags": [
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
            },
            {
              "name": "https://foreshadowattack.eu/",
              "refsource": "MISC",
              "tags": [
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "https://foreshadowattack.eu/"
            },
            {
              "name": "http://support.lenovo.com/us/en/solutions/LEN-24163",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.lenovo.com/us/en/solutions/LEN-24163"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_45",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.synology.com/support/security/Synology_SA_18_45"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180815-0001/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
            },
            {
              "name": "https://support.f5.com/csp/article/K35558453",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K35558453"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
            },
            {
              "name": "VU#982149",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.kb.cert.org/vuls/id/982149"
            },
            {
              "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 7.8,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 1.1,
          "impactScore": 4.7
        }
      },
      "lastModifiedDate": "2020-08-24T17:37Z",
      "publishedDate": "2018-08-14T19:29Z"
    }
  }
}

tid-103

Vulnerability from emb3d

Type

hardware

Link

Show details on source website

Description

Operating system memory safety models rely on processor hardware to enforce separation between different virtual memory spaces. Failures of processor architectures to properly deliver these security guarantees can lead to sensitive information being disclosed across the boundaries between different kernel and process memory spaces. The performance optimization features in modern processors have been shown to be a source of such data leakage vulnerabilities. Data leakage through timing-based side channels introduced by the behavior of processor features such as memory caches have long been known to be effective against cryptographic implementations. The Spectre and Meltdown vulnerabilities announced in 2018 brought attention to weaknesses in certain microarchitectural performance features that could be manipulated in conjunction with memory cache timing techniques to leak data across OS virtual memory bounds. Spectre / Meltdown, and subsequent research work, demonstrated that speculative execution features (e.g., branch prediction, speculative memory loads/stores, out-of-order execution, etc.) could lead to memory locations being read into the CPU’s cache in violation of virtual memory permissions. Malicious code could then utilize a subsequent cache timing side channel attack to extract the data stored in those memory locations.

CWE

CWE-1037: Processor Optimization Removal or Modification of Security-critical Code
CWE-1264: Hardware Logic with Insecure De-Synchronization between Control and Data Channels

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-3615 (GCVE-0-2018-3615)

Vulnerability from cvelistv5

cisco-sa-20180814-cpusidechannel

Vulnerability from csaf_cisco

ghsa-9w6j-7396-jgw4

Vulnerability from github

fkie_cve-2018-3615

Vulnerability from fkie_nvd

gsd-2018-3615

Vulnerability from gsd

tid-103

Vulnerability from emb3d

Tags

Sightings

Nomenclature