Vulnerability-Lookup

CVE-2018-12193 (GCVE-0-2018-12193)

Vulnerability from cvelistv5 – Published: 2018-10-10 18:00 – Updated: 2024-09-16 20:47

Summary

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.

Severity

No CVSS data available.

CWE

Information Disclosure

Assigner

intel

References

1 reference

URL	Tags
https://cdrdv2.intel.com/v1/dl/getContent/685356	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
Intel Corporation	Intel QuickAssit Technology for Linux	Affected: before 4.2

Date Public

2018-10-09 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:58.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel QuickAssit Technology for Linux",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "before 4.2"
            }
          ]
        }
      ],
      "datePublic": "2018-10-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-19T17:56:41.000Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-10-09T00:00:00",
          "ID": "CVE-2018-12193",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel QuickAssit Technology for Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 4.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cdrdv2.intel.com/v1/dl/getContent/685356",
              "refsource": "CONFIRM",
              "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-12193",
    "datePublished": "2018-10-10T18:00:00.000Z",
    "dateReserved": "2018-06-11T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:47:56.153Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-12193",
      "date": "2026-05-27",
      "epss": "0.0006",
      "percentile": "0.18741"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:quickassist_technology:*:*:*:*:*:linux:*:*\", \"versionEndExcluding\": \"4.2\", \"matchCriteriaId\": \"5A4B99E8-553D-4448-92D8-B1EB293E70D6\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.\"}, {\"lang\": \"es\", \"value\": \"Control de acceso insuficiente en la pila del controlador para Intel QuickAssist Technology para Linux en versiones anteriores a la 4.2 podr\\u00eda permitir que un usuario sin privilegios divulgue informaci\\u00f3n mediante acceso local.\"}]",
      "id": "CVE-2018-12193",
      "lastModified": "2024-11-21T03:44:43.897",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-10-10T18:29:04.483",
      "references": "[{\"url\": \"https://cdrdv2.intel.com/v1/dl/getContent/685356\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cdrdv2.intel.com/v1/dl/getContent/685356\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-12193\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2018-10-10T18:29:04.483\",\"lastModified\":\"2024-11-21T03:44:43.897\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.\"},{\"lang\":\"es\",\"value\":\"Control de acceso insuficiente en la pila del controlador para Intel QuickAssist Technology para Linux en versiones anteriores a la 4.2 podr\u00eda permitir que un usuario sin privilegios divulgue informaci\u00f3n mediante acceso local.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:quickassist_technology:*:*:*:*:*:linux:*:*\",\"versionEndExcluding\":\"4.2\",\"matchCriteriaId\":\"5A4B99E8-553D-4448-92D8-B1EB293E70D6\"}]}]}],\"references\":[{\"url\":\"https://cdrdv2.intel.com/v1/dl/getContent/685356\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cdrdv2.intel.com/v1/dl/getContent/685356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2018-AVI-489

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel QuickAssist Technology pour Linux, versions antérieures à 4.2
Intel	N/A	Intel NUC Firmware Kits téléchargé avant le 24 Mai 2018
Intel	N/A	Intel Graphics Drivers versions antérieures à 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) et 20.19.x.5058 (aka 15.40.x.5058)

References

Title

Publication Time

CERTFR-2018-AVI-489

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel QuickAssist Technology pour Linux, versions antérieures à 4.2
Intel	N/A	Intel NUC Firmware Kits téléchargé avant le 24 Mai 2018
Intel	N/A	Intel Graphics Drivers versions antérieures à 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) et 20.19.x.5058 (aka 15.40.x.5058)

References

Title

Publication Time

CNVD-2018-20761

Vulnerability from cnvd - Published: 2018-10-12

Title

Intel QuickAssist Technology for Linux访问控制错误漏洞

Description

Intel QuickAssist Technology for Linux是美国英特尔（Intel）公司的一款基于Linux平台的数据管理技术，它主要用于增强云、网络、大数据和存储应用中动态数据和静态数据的安全性和压缩性能。 Intel QuickAssist Technology for Linux 4.2版本中的驱动程序栈存在访问控制错误漏洞，本地攻击者可利用该漏洞泄露信息。

Severity

低

Patch Name

Intel QuickAssist Technology for Linux访问控制错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.intel.com

Reference

https://01.org/security/advisories/intel-oss-10005

Impacted products

Name
Intel QuickAssist Technology for Linux 4.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-12193"
    }
  },
  "description": "Intel QuickAssist Technology for Linux\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8eLinux\u5e73\u53f0\u7684\u6570\u636e\u7ba1\u7406\u6280\u672f\uff0c\u5b83\u4e3b\u8981\u7528\u4e8e\u589e\u5f3a\u4e91\u3001\u7f51\u7edc\u3001\u5927\u6570\u636e\u548c\u5b58\u50a8\u5e94\u7528\u4e2d\u52a8\u6001\u6570\u636e\u548c\u9759\u6001\u6570\u636e\u7684\u5b89\u5168\u6027\u548c\u538b\u7f29\u6027\u80fd\u3002\r\n\r\nIntel QuickAssist Technology for Linux 4.2\u7248\u672c\u4e2d\u7684\u9a71\u52a8\u7a0b\u5e8f\u6808\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6cc4\u9732\u4fe1\u606f\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-20761",
  "openTime": "2018-10-12",
  "patchDescription": "Intel QuickAssist Technology for Linux\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8eLinux\u5e73\u53f0\u7684\u6570\u636e\u7ba1\u7406\u6280\u672f\uff0c\u5b83\u4e3b\u8981\u7528\u4e8e\u589e\u5f3a\u4e91\u3001\u7f51\u7edc\u3001\u5927\u6570\u636e\u548c\u5b58\u50a8\u5e94\u7528\u4e2d\u52a8\u6001\u6570\u636e\u548c\u9759\u6001\u6570\u636e\u7684\u5b89\u5168\u6027\u548c\u538b\u7f29\u6027\u80fd\u3002\r\n\r\nIntel QuickAssist Technology for Linux 4.2\u7248\u672c\u4e2d\u7684\u9a71\u52a8\u7a0b\u5e8f\u6808\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6cc4\u9732\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel QuickAssist Technology for Linux\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel QuickAssist Technology for Linux 4.2"
  },
  "referenceLink": "https://01.org/security/advisories/intel-oss-10005",
  "serverity": "\u4f4e",
  "submitTime": "2018-10-11",
  "title": "Intel QuickAssist Technology for Linux\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

FKIE_CVE-2018-12193

Vulnerability from fkie_nvd - Published: 2018-10-10 18:29 - Updated: 2024-11-21 03:44

Severity

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.

References

	URL	Tags
	secure@intel.com	https://cdrdv2.intel.com/v1/dl/getContent/685356	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cdrdv2.intel.com/v1/dl/getContent/685356	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	intel	quickassist_technology	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:quickassist_technology:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "5A4B99E8-553D-4448-92D8-B1EB293E70D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access."
    },
    {
      "lang": "es",
      "value": "Control de acceso insuficiente en la pila del controlador para Intel QuickAssist Technology para Linux en versiones anteriores a la 4.2 podr\u00eda permitir que un usuario sin privilegios divulgue informaci\u00f3n mediante acceso local."
    }
  ],
  "id": "CVE-2018-12193",
  "lastModified": "2024-11-21T03:44:43.897",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-10T18:29:04.483",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-PWCP-JWJX-3JGM

Vulnerability from github – Published: 2022-05-13 01:04 – Updated: 2022-05-13 01:04

Details

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.

Severity

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-12193"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-10T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.",
  "id": "GHSA-pwcp-jwjx-3jgm",
  "modified": "2022-05-13T01:04:25Z",
  "published": "2022-05-13T01:04:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12193"
    },
    {
      "type": "WEB",
      "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-12193

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.

Aliases

CVE-2018-12193

Aliases

CVE-2018-12193

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-12193",
    "description": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.",
    "id": "GSD-2018-12193",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-12193.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-12193"
      ],
      "details": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.",
      "id": "GSD-2018-12193",
      "modified": "2023-12-13T01:22:30.600843Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2018-10-09T00:00:00",
        "ID": "CVE-2018-12193",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel QuickAssit Technology for Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before 4.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cdrdv2.intel.com/v1/dl/getContent/685356",
            "refsource": "CONFIRM",
            "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:quickassist_technology:*:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-12193"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cdrdv2.intel.com/v1/dl/getContent/685356",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://cdrdv2.intel.com/v1/dl/getContent/685356"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-12-16T18:49Z",
      "publishedDate": "2018-10-10T18:29Z"
    }
  }
}

VAR-201810-1468

Vulnerability from variot - Updated: 2023-12-18 11:36

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Service operation interruption (DoS) * information leak * any WebGL Code execution. Intel QuickAssist Technology for Linux is a data management technology based on the Linux platform of Intel Corporation of the United States. It is mainly used to enhance the security and compression performance of dynamic data and static data in cloud, network, big data and storage applications. A local attacker could exploit this vulnerability to disclose information

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201810-1468",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "quickassist technology",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4.2"
      },
      {
        "model": "nuc kits",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2018 year 5 moon 24 before the japanese version"
      },
      {
        "model": "quickassist technology",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for linux version 4.2"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "10.18.x.5056 (aka 15.33.x.5056)"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "10.18.x.5057 (aka 15.36.x.5057)"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "20.19.x.5058 (aka 15.40.x.5058)"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:quickassist_technology:*:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      }
    ]
  },
  "cve": "CVE-2018-12193",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-122128",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-12193",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "LOW",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-12193",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201810-538",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-122128",
            "trust": 0.1,
            "value": "LOW"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-12193",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-12193"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Service operation interruption (DoS) * information leak * any WebGL Code execution. Intel QuickAssist Technology for Linux is a data management technology based on the Linux platform of Intel Corporation of the United States. It is mainly used to enhance the security and compression performance of dynamic data and static data in cloud, network, big data and storage applications. A local attacker could exploit this vulnerability to disclose information",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-12193"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-12193",
        "trust": 2.6
      },
      {
        "db": "JVN",
        "id": "JVNVU99973215",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-122128",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-12193",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-12193"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "id": "VAR-201810-1468",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122128"
      }
    ],
    "trust": 0.725
  },
  "last_update_date": "2023-12-18T11:36:34.761000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-OSS-10005 - Intel QuickAssist Technology for Linux Advisory",
        "trust": 0.8,
        "url": "https://01.org/security/advisories/intel-oss-10005"
      },
      {
        "title": "INTEL-SA-00166 - Intel Graphics Driver Unified Shader Compiler Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html"
      },
      {
        "title": "INTEL-SA-00168 - Intel NUC Bios Updater Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00168.html"
      },
      {
        "title": "Intel QuickAssist Technology for Linux Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85669"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://cdrdv2.intel.com/v1/dl/getcontent/685356"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12152"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12158"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12153"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12154"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12193"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99973215/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12158"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12193"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12152"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12153"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12154"
      },
      {
        "trust": 0.7,
        "url": "https://01.org/security/advisories/intel-oss-10005"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-12193"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-12193"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "date": "2018-10-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-12193"
      },
      {
        "date": "2018-10-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "date": "2018-10-10T18:29:04.483000",
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "date": "2018-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-122128"
      },
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-12193"
      },
      {
        "date": "2019-07-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      },
      {
        "date": "2021-12-16T18:49:49.400000",
        "db": "NVD",
        "id": "CVE-2018-12193"
      },
      {
        "date": "2021-11-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Multiple vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-008201"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201810-538"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-12193 (GCVE-0-2018-12193)

CERTFR-2018-AVI-489

Solution

CERTFR-2018-AVI-489

Solution

CNVD-2018-20761

FKIE_CVE-2018-12193

GHSA-PWCP-JWJX-3JGM

GSD-2018-12193

VAR-201810-1468

Tags

Sightings

Nomenclature