6.8
CVE-2021-33080
- EPSS 0.35%
- Veröffentlicht 12.05.2022 17:15:09
- Zuletzt bearbeitet 05.05.2025 17:17:07
- Quelle secure@intel.com
- Teams Watchlist Login
- Unerledigt Login
Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Optane Ssd Dc P4800x Firmware Version < e2010600
Intel ≫ Optane Ssd Dc P4801x Firmware Version < e2010600
Intel ≫ Optane Ssd P5800x Firmware Version < l0310200
Intel ≫ Optane Memory H20 With Solid State Storage Firmware Version < pgf028k
Intel ≫ Optane Memory H10 With Solid State Storage Firmware Version < tgf061k
Intel ≫ Optane Ssd 905p Firmware Version < fw600
Intel ≫ Optane Ssd 900p Firmware Version < fw600
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.57 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer
The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.