CVE-2020-8698

EPSS 0.21%
Published 12.11.2020 18:15:16
Last modified 21.11.2024 05:39:17
Source secure@intel.com
Teams watchlist Login
Open Login

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Affected products Warnungen 0 Metrics 3 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Microcode Version-

   Intel ≫ Core I3-1000g1 Version-
   Intel ≫ Core I3-1000g4 Version-
   Intel ≫ Core I3-1005g1 Version-
   Intel ≫ Core I3-1110g4 Version-
   Intel ≫ Core I3-1115g4 Version-
   Intel ≫ Core I3-1120g4 Version-
   Intel ≫ Core I3-1125g4 Version-
   Intel ≫ Core I5-1030g4 Version-
   Intel ≫ Core I5-1030g7 Version-
   Intel ≫ Core I5-1035g1 Version-
   Intel ≫ Core I5-1035g4 Version-
   Intel ≫ Core I5-1035g7 Version-
   Intel ≫ Core I5-1130g7 Version-
   Intel ≫ Core I5-1135g7 Version-
   Intel ≫ Core I7-1060g7 Version-
   Intel ≫ Core I7-1065g7 Version-
   Intel ≫ Core I7-1160g7 Version-
   Intel ≫ Core I7-1165g7 Version-
   Intel ≫ Core I7-1185g7 Version-

Netapp ≫ Clustered Data Ontap Version-

Netapp ≫ Hci Compute Node Bios Version-

Netapp ≫ Hci Compute Node Version-

Netapp ≫ Hci Storage Node Bios Version-

Netapp ≫ Hci Storage Node Version-

Netapp ≫ Solidfire Bios Version-

Netapp ≫ Solidfire Version-

Fedoraproject ≫ Fedora Version31

Debian ≫ Debian Linux Version9.0

Siemens ≫ Simatic Field Pg M5 Firmware Version < 22.01.08

Siemens ≫ Simatic Field Pg M5 Version-

Siemens ≫ Simatic Field Pg M6 Firmware

Siemens ≫ Simatic Field Pg M6 Version-

Siemens ≫ Simatic Ipc427e Firmware Version < 21.01.15

Siemens ≫ Simatic Ipc427e Version-

Siemens ≫ Simatic Ipc477e Firmware Version < 21.01.15

Siemens ≫ Simatic Ipc477e Version-

Siemens ≫ Simatic Ipc477e Pro Firmware Version < 21.01.15

Siemens ≫ Simatic Ipc477e Pro Version-

Siemens ≫ Simatic Ipc627e Firmware Version < 25.02.08

Siemens ≫ Simatic Ipc627e Version-

Siemens ≫ Simatic Ipc647e Firmware Version < 25.02.08

Siemens ≫ Simatic Ipc647e Version-

Siemens ≫ Simatic Ipc677e Firmware Version < 25.02.08

Siemens ≫ Simatic Ipc677e Version-

Siemens ≫ Simatic Ipc847e Firmware Version < 25.02.08

Siemens ≫ Simatic Ipc847e Version-

Siemens ≫ Simatic Itp1000 Firmware Version < 23.01.08

Siemens ≫ Simatic Itp1000 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.21%	0.428

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/

https://security.netapp.com/advisory/ntap-20201113-0006/

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8698

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8698

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8698

EUVD