6.5

CVE-2021-26403

Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confidentiality.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AmdEpyc 7001 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7001 Version-
AmdEpyc 7251 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7251 Version-
AmdEpyc 7261 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7261 Version-
AmdEpyc 7281 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7281 Version-
AmdEpyc 7301 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7301 Version-
AmdEpyc 7351 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7351 Version-
AmdEpyc 7351p Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7351p Version-
AmdEpyc 7371 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7371 Version-
AmdEpyc 7401 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7401 Version-
AmdEpyc 7401p Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7401p Version-
AmdEpyc 7451 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7451 Version-
AmdEpyc 7501 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7501 Version-
AmdEpyc 7551 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7551 Version-
AmdEpyc 7551p Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7551p Version-
AmdEpyc 7601 Firmware Version < naplespi_1.0.0.e
   AmdEpyc 7601 Version-
AmdEpyc 7002 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7002 Version-
AmdEpyc 7232p Firmware Version < romepi_1.0.0.9
   AmdEpyc 7232p Version-
AmdEpyc 7252 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7252 Version-
AmdEpyc 7262 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7262 Version-
AmdEpyc 7272 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7272 Version-
AmdEpyc 7282 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7282 Version-
AmdEpyc 7302 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7302 Version-
AmdEpyc 7302p Firmware Version < romepi_1.0.0.9
   AmdEpyc 7302p Version-
AmdEpyc 7352 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7352 Version-
AmdEpyc 7402 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7402 Version-
AmdEpyc 7402p Firmware Version < romepi_1.0.0.9
   AmdEpyc 7402p Version-
AmdEpyc 7452 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7452 Version-
AmdEpyc 7502 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7502 Version-
AmdEpyc 7502p Firmware Version < romepi_1.0.0.9
   AmdEpyc 7502p Version-
AmdEpyc 7532 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7532 Version-
AmdEpyc 7542 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7542 Version-
AmdEpyc 7552 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7552 Version-
AmdEpyc 7642 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7642 Version-
AmdEpyc 7662 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7662 Version-
AmdEpyc 7702 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7702 Version-
AmdEpyc 7702p Firmware Version < romepi_1.0.0.9
   AmdEpyc 7702p Version-
AmdEpyc 7742 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7742 Version-
AmdEpyc 7f32 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7f32 Version-
AmdEpyc 7f52 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7f52 Version-
AmdEpyc 7f72 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7f72 Version-
AmdEpyc 7h12 Firmware Version < romepi_1.0.0.9
   AmdEpyc 7h12 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.06% 0.198
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2 4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 2 4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.