CVE-2018-18095

EPSS 0.23%
Veröffentlicht 11.07.2019 21:15:09
Zuletzt bearbeitet 21.11.2024 03:55:28
Quelle secure@intel.com
Teams Watchlist Login
Unerledigt Login

Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Intel ≫ Ssd Dc S4500 Firmware Version < scv10150

Intel ≫ Ssd Dc S4500 Version-

Intel ≫ Ssd Dc S4600 Firmware Version < scv10150

Intel ≫ Ssd Dc S4600 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.462

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/bid/109103

Third Party Advisory

VDB Entry

https://support.f5.com/csp/article/K62655863

https://support.f5.com/csp/article/K62655863?utm_source=f5support&amp%3Butm_medium=RSS

https://support.lenovo.com/us/en/product_security/LEN-28116

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00267.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-18095

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-18095

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-18095

EUVD