7.8
CVE-2023-27517
- EPSS 0.04%
- Published 14.02.2024 14:15:47
- Last modified 20.02.2025 15:10:10
- Source secure@intel.com
- Teams watchlist Login
- Open Login
Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access.
Data is provided by the National Vulnerability Database (NVD)
Intel ≫ Optane Persistent Memory Firmware Version >= 01.00.00.3072 < 01.00.00.3547
Intel ≫ Nma1xxd128gpsu4 Version-
Intel ≫ Nma1xxd128gpsuf Version-
Intel ≫ Nma1xxd256gpsu4 Version-
Intel ≫ Nma1xxd256gpsuf Version-
Intel ≫ Nma1xxd512gpsu4 Version-
Intel ≫ Nma1xxd512gpsuf Version-
Intel ≫ Nma1xxd128gpsuf Version-
Intel ≫ Nma1xxd256gpsu4 Version-
Intel ≫ Nma1xxd256gpsuf Version-
Intel ≫ Nma1xxd512gpsu4 Version-
Intel ≫ Nma1xxd512gpsuf Version-
Intel ≫ Optane Persistent Memory Firmware Version >= 02.00.00.3423 < 02.00.00.3915
Intel ≫ Nmb1xxd128gpsu4 Version-
Intel ≫ Nmb1xxd128gpsuf Version-
Intel ≫ Nmb1xxd256gpsu4 Version-
Intel ≫ Nmb1xxd256gpsuf Version-
Intel ≫ Nmb1xxd512gpsu4 Version-
Intel ≫ Nmb1xxd512gpsuf Version-
Intel ≫ Nmb1xxd128gpsuf Version-
Intel ≫ Nmb1xxd256gpsu4 Version-
Intel ≫ Nmb1xxd256gpsuf Version-
Intel ≫ Nmb1xxd512gpsu4 Version-
Intel ≫ Nmb1xxd512gpsuf Version-
Intel ≫ Optane Persistent Memory Firmware Version >= 03.00.00.0302 < 03.00.00.0483
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.129 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 6.6 | 1.3 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.