cvelistv5 - cve-2019-11095

CVE-2019-11095 (GCVE-0-2019-11095)

Vulnerability from cvelistv5 – Published: 2019-05-17 15:41 – Updated: 2024-08-04 22:40

Summary

Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.

Severity ?

No CVSS data available.

CWE

Information Disclosure

Assigner

intel

References

URL

Tags

	https://www.intel.com/content/www/us/en/security-…	x_refsource_MISC
	https://support.f5.com/csp/article/K05525310	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) Driver & Support Assistant	Affected: Version 19.3.12.3 and before.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:16.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K05525310"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) Driver \u0026 Support Assistant",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Version 19.3.12.3 and before."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-19T23:06:02",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K05525310"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11095",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) Driver \u0026 Support Assistant",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Version 19.3.12.3 and before."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K05525310",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K05525310"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11095",
    "datePublished": "2019-05-17T15:41:37",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:40:16.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:driver_\\\\\u0026_support_assistant:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"19.3.12.3\", \"matchCriteriaId\": \"A08CCAAE-1FA2-4616-B9DB-B06DA637F1AE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.\"}, {\"lang\": \"es\", \"value\": \"Control de acceso insuficiente en Intel (R) Driver \u0026 Support Assistant versi\\u00f3n 19.3.12.3 y anteriores puede permitir a un usuario privilegiado habilitar potencialmente la divulgaci\\u00f3n de informaci\\u00f3n a trav\\u00e9s del acceso local.\"}]",
      "id": "CVE-2019-11095",
      "lastModified": "2024-11-21T04:20:31.693",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-05-17T16:29:03.237",
      "references": "[{\"url\": \"https://support.f5.com/csp/article/K05525310\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K05525310\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11095\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-05-17T16:29:03.237\",\"lastModified\":\"2024-11-21T04:20:31.693\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"Control de acceso insuficiente en Intel (R) Driver \u0026 Support Assistant versi\u00f3n 19.3.12.3 y anteriores puede permitir a un usuario privilegiado habilitar potencialmente la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:driver_\\\\\u0026_support_assistant:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"19.3.12.3\",\"matchCriteriaId\":\"A08CCAAE-1FA2-4616-B9DB-B06DA637F1AE\"}]}]}],\"references\":[{\"url\":\"https://support.f5.com/csp/article/K05525310\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K05525310\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2019-11095

Vulnerability from fkie_nvd - Published: 2019-05-17 16:29 - Updated: 2024-11-21 04:20

Severity ?

4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.

References

URL	Tags
secure@intel.com	https://support.f5.com/csp/article/K05525310	Third Party Advisory
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K05525310	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	intel	driver_\&_support_assistant	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:driver_\\\u0026_support_assistant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08CCAAE-1FA2-4616-B9DB-B06DA637F1AE",
              "versionEndIncluding": "19.3.12.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Control de acceso insuficiente en Intel (R) Driver \u0026 Support Assistant versi\u00f3n 19.3.12.3 y anteriores puede permitir a un usuario privilegiado habilitar potencialmente la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2019-11095",
  "lastModified": "2024-11-21T04:20:31.693",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-17T16:29:03.237",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05525310"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05525310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2019-AVI-208

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel NUC Kit NUC8i7HNK avec une version du BIOS antérieure à 0054
Intel	N/A	Intel Server Board
Intel	N/A	Intel Server System
Intel	N/A	Intel Celeron N Series
Intel	N/A	Intel Unite Client versions antérieures à v3.3.176.13
Intel	N/A	Intel NUC Board NUC7i7DNBE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Atom Processor A Series
Intel	N/A	Intel Unite Client for Android versions antérieures à 4.0
Intel	N/A	Intel i915 Graphics pour Linux versions antérieures à 5.0
Intel	N/A	Intel Compute Module
Intel	N/A	Intel PROSet/Wireless WiFi versions antérieures à 21.0
Intel	N/A	Intel NUC Kit NUC8i7HVK avec une version du BIOS antérieure à 0054
Intel	N/A	Intel ACU Wizard Configurator_download_package versions antérieures à 12.1.0.87
Intel	N/A	Intel Celeron J Series
Intel	N/A	Intel Xeon Processor D Family
Intel	N/A	Intel NUC Kit NUC7i5DNHE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Driver & Support Assistant versions antérieures à 19.4.18
Intel	N/A	Intel Graphics Driver pour Windows sans le dernier correctif de sécurité
Intel	N/A	Intel NUC Kit NUC7i7DNHE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Pentium Processor Silver Series
Intel	N/A	Intel Quartus II et Intel Quartus Prime Standard Edition versions antérieures à 18.1.1
Intel	N/A	Intel NUC Kit NUC7i7DNKE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Pentium Processor J Series
Intel	N/A	Intel SCS Discovery Utility avec SCS_download_package versions antérieures à 12.1.0.87
Intel	N/A	Intel Atom Processor E3900 Series
Intel	N/A	Intel Xeon Scalable Processor
Intel	N/A	Intel Pentium Processor N Series
Intel	N/A	Intel Quartus Prime Pro Edition versions antérieures à 19.1

References

Title

Publication Time

Tags

Bulletin de sécurité Intel intel-sa-00244 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00245 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00249 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00223 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00251 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00204 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00234 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00218 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00228 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00252 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel NUC Kit NUC8i7HNK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server System",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Celeron N Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Unite Client versions ant\u00e9rieures \u00e0 v3.3.176.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Board NUC7i7DNBE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Atom Processor A Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Unite Client for Android versions ant\u00e9rieures \u00e0 4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel i915 Graphics pour Linux versions ant\u00e9rieures \u00e0 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Module",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel PROSet/Wireless WiFi versions ant\u00e9rieures \u00e0 21.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC8i7HVK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ACU Wizard Configurator_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Celeron J Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Xeon Processor D Family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i5DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 19.4.18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Graphics Driver pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium Processor Silver Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Quartus II et Intel Quartus Prime Standard Edition versions ant\u00e9rieures \u00e0 18.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNKE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium Processor J Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel SCS Discovery Utility avec SCS_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Atom Processor E3900 Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Xeon Scalable Processor",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium Processor N Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Quartus Prime Pro Edition versions ant\u00e9rieures \u00e0 19.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0138"
    },
    {
      "name": "CVE-2019-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0120"
    },
    {
      "name": "CVE-2019-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0115"
    },
    {
      "name": "CVE-2019-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0132"
    },
    {
      "name": "CVE-2019-11093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11093"
    },
    {
      "name": "CVE-2019-11085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11085"
    },
    {
      "name": "CVE-2019-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0114"
    },
    {
      "name": "CVE-2019-11094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11094"
    },
    {
      "name": "CVE-2018-3701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3701"
    },
    {
      "name": "CVE-2019-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0113"
    },
    {
      "name": "CVE-2019-11114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11114"
    },
    {
      "name": "CVE-2019-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0126"
    },
    {
      "name": "CVE-2019-11095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11095"
    },
    {
      "name": "CVE-2019-0171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0171"
    },
    {
      "name": "CVE-2019-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0119"
    },
    {
      "name": "CVE-2019-0172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0172"
    },
    {
      "name": "CVE-2019-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0116"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-208",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00244 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00245 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00249 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00223 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00251 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00204 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00234 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00218 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00228 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00252 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
    }
  ]
}

CERTFR-2019-AVI-208

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel NUC Kit NUC8i7HNK avec une version du BIOS antérieure à 0054
Intel	N/A	Intel Server Board
Intel	N/A	Intel Server System
Intel	N/A	Intel Celeron N Series
Intel	N/A	Intel Unite Client versions antérieures à v3.3.176.13
Intel	N/A	Intel NUC Board NUC7i7DNBE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Atom Processor A Series
Intel	N/A	Intel Unite Client for Android versions antérieures à 4.0
Intel	N/A	Intel i915 Graphics pour Linux versions antérieures à 5.0
Intel	N/A	Intel Compute Module
Intel	N/A	Intel PROSet/Wireless WiFi versions antérieures à 21.0
Intel	N/A	Intel NUC Kit NUC8i7HVK avec une version du BIOS antérieure à 0054
Intel	N/A	Intel ACU Wizard Configurator_download_package versions antérieures à 12.1.0.87
Intel	N/A	Intel Celeron J Series
Intel	N/A	Intel Xeon Processor D Family
Intel	N/A	Intel NUC Kit NUC7i5DNHE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Driver & Support Assistant versions antérieures à 19.4.18
Intel	N/A	Intel Graphics Driver pour Windows sans le dernier correctif de sécurité
Intel	N/A	Intel NUC Kit NUC7i7DNHE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Pentium Processor Silver Series
Intel	N/A	Intel Quartus II et Intel Quartus Prime Standard Edition versions antérieures à 18.1.1
Intel	N/A	Intel NUC Kit NUC7i7DNKE avec une version du BIOS antérieure à 0062
Intel	N/A	Intel Pentium Processor J Series
Intel	N/A	Intel SCS Discovery Utility avec SCS_download_package versions antérieures à 12.1.0.87
Intel	N/A	Intel Atom Processor E3900 Series
Intel	N/A	Intel Xeon Scalable Processor
Intel	N/A	Intel Pentium Processor N Series
Intel	N/A	Intel Quartus Prime Pro Edition versions antérieures à 19.1

References

Title

Publication Time

Tags

Bulletin de sécurité Intel intel-sa-00244 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00245 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00249 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00223 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00251 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00204 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00234 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00218 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00228 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00252 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel NUC Kit NUC8i7HNK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server System",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Celeron N Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Unite Client versions ant\u00e9rieures \u00e0 v3.3.176.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Board NUC7i7DNBE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Atom Processor A Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Unite Client for Android versions ant\u00e9rieures \u00e0 4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel i915 Graphics pour Linux versions ant\u00e9rieures \u00e0 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Module",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel PROSet/Wireless WiFi versions ant\u00e9rieures \u00e0 21.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC8i7HVK avec une version du BIOS ant\u00e9rieure \u00e0 0054",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel ACU Wizard Configurator_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Celeron J Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Xeon Processor D Family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i5DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 19.4.18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Graphics Driver pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNHE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium Processor Silver Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Quartus II et Intel Quartus Prime Standard Edition versions ant\u00e9rieures \u00e0 18.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNKE avec une version du BIOS ant\u00e9rieure \u00e0 0062",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium Processor J Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel SCS Discovery Utility avec SCS_download_package versions ant\u00e9rieures \u00e0 12.1.0.87",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Atom Processor E3900 Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Xeon Scalable Processor",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium Processor N Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Quartus Prime Pro Edition versions ant\u00e9rieures \u00e0 19.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0138"
    },
    {
      "name": "CVE-2019-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0120"
    },
    {
      "name": "CVE-2019-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0115"
    },
    {
      "name": "CVE-2019-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0132"
    },
    {
      "name": "CVE-2019-11093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11093"
    },
    {
      "name": "CVE-2019-11085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11085"
    },
    {
      "name": "CVE-2019-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0114"
    },
    {
      "name": "CVE-2019-11094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11094"
    },
    {
      "name": "CVE-2018-3701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3701"
    },
    {
      "name": "CVE-2019-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0113"
    },
    {
      "name": "CVE-2019-11114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11114"
    },
    {
      "name": "CVE-2019-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0126"
    },
    {
      "name": "CVE-2019-11095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11095"
    },
    {
      "name": "CVE-2019-0171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0171"
    },
    {
      "name": "CVE-2019-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0119"
    },
    {
      "name": "CVE-2019-0172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0172"
    },
    {
      "name": "CVE-2019-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0116"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-208",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00244 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00245 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00249 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00223 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00251 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00204 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00234 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00218 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00228 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00252 du 14 mai 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
    }
  ]
}

GHSA-J7GM-MWHH-9FWR

Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2022-05-24 16:46

Details

Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11095"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-17T16:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.",
  "id": "GHSA-j7gm-mwhh-9fwr",
  "modified": "2022-05-24T16:46:02Z",
  "published": "2022-05-24T16:46:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11095"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K05525310"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2019-11095

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.

Aliases

CVE-2019-11095

Aliases

CVE-2019-11095

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11095",
    "description": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.",
    "id": "GSD-2019-11095"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11095"
      ],
      "details": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.",
      "id": "GSD-2019-11095",
      "modified": "2023-12-13T01:24:02.269568Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2019-11095",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Driver \u0026 Support Assistant",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Version 19.3.12.3 and before."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
          },
          {
            "name": "https://support.f5.com/csp/article/K05525310",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K05525310"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:driver_\\\u0026_support_assistant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.3.12.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11095"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K05525310",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K05525310"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-08-24T17:37Z",
      "publishedDate": "2019-05-17T16:29Z"
    }
  }
}

VAR-201905-1251

Vulnerability from variot - Updated: 2023-12-18 11:43

Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. This tool is mainly used to get the latest applications provided by Intel. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1251",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "driver \\\u0026 support assistant",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "19.3.12.3"
      },
      {
        "model": "acu wizard",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "active management technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "converged security management engine",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "driver and support assistant",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "dynamic application loader",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "i915",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc board nuc7i7dnbe",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i5dnhe",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i7dnhe",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i7dnke",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc8i7hnk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc8i7hvk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "proset/wireless software driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "quartus ii programmer and tools",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "server platform services",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "trusted execution engine",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "intel",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "quartus prime",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "scs discovery utility",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "unite client",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "graphics driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "driver and support assistant",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "intel",
        "version": "19.3.12.3"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:driver_\\\u0026_support_assistant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.3.12.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      }
    ]
  },
  "cve": "CVE-2019-11095",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 2.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2019-11095",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-142707",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.4,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-11095",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-11095",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-766",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142707",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insufficient access control in Intel(R) Driver \u0026 Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access. This tool is mainly used to get the latest applications provided by Intel. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-11095",
        "trust": 2.5
      },
      {
        "db": "JVN",
        "id": "JVNVU92328381",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-18582",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-142707",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ]
  },
  "id": "VAR-201905-1251",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      }
    ],
    "trust": 0.6336601066666667
  },
  "last_update_date": "2023-12-18T11:43:53.553000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
      },
      {
        "title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
      },
      {
        "title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
      },
      {
        "title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
      },
      {
        "title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
      },
      {
        "title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
      },
      {
        "title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
      },
      {
        "title": "INTEL-SA-00251 - IntelR NUC Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
      },
      {
        "title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
      },
      {
        "title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
      },
      {
        "title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
      },
      {
        "title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://support.f5.com/csp/article/k05525310"
      },
      {
        "trust": 1.7,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11095"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92328381/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://mdsattacks.com/files/ridl.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://mdsattacks.com/files/fallout.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://zombieloadattack.com/"
      },
      {
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11095"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92328381/"
      },
      {
        "trust": 0.8,
        "url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "date": "2019-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "date": "2019-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "date": "2019-05-17T16:29:03.237000",
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "date": "2019-05-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142707"
      },
      {
        "date": "2019-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "date": "2019-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004710"
      },
      {
        "date": "2020-08-24T17:37:01.140000",
        "db": "NVD",
        "id": "CVE-2019-11095"
      },
      {
        "date": "2020-08-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Multiple vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access control error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-766"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2020-18582

Vulnerability from cnvd - Published: 2020-03-22

Title

Intel Driver & Support Assistant访问控制错误漏洞

Description

Intel Driver ＆ Support Assistant是美国英特尔（Intel）公司的一款Intel驱动程序和支持管理工具。该工具主要用于获取Intel提供的最新应用程序。 Intel Driver & Support Assistant存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。攻击者可利用该漏洞获取敏感信息。

Severity

低

Patch Name

Intel Driver & Support Assistant访问控制错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-11095

Impacted products

Name
Intel Driver & Support Assistant <=19.3.12.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11095",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11095"
    }
  },
  "description": "Intel Driver \uff06 Support Assistant\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3eIntel\u9a71\u52a8\u7a0b\u5e8f\u548c\u652f\u6301\u7ba1\u7406\u5de5\u5177\u3002\u8be5\u5de5\u5177\u4e3b\u8981\u7528\u4e8e\u83b7\u53d6Intel\u63d0\u4f9b\u7684\u6700\u65b0\u5e94\u7528\u7a0b\u5e8f\u3002\n\nIntel Driver \u0026 Support Assistant\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u6b63\u786e\u9650\u5236\u6765\u81ea\u672a\u6388\u6743\u89d2\u8272\u7684\u8d44\u6e90\u8bbf\u95ee\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-18582",
  "openTime": "2020-03-22",
  "patchDescription": "Intel Driver \uff06 Support Assistant\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3eIntel\u9a71\u52a8\u7a0b\u5e8f\u548c\u652f\u6301\u7ba1\u7406\u5de5\u5177\u3002\u8be5\u5de5\u5177\u4e3b\u8981\u7528\u4e8e\u83b7\u53d6Intel\u63d0\u4f9b\u7684\u6700\u65b0\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nIntel Driver \u0026 Support Assistant\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u6b63\u786e\u9650\u5236\u6765\u81ea\u672a\u6388\u6743\u89d2\u8272\u7684\u8d44\u6e90\u8bbf\u95ee\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Driver \u0026 Support Assistant\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel Driver \u0026 Support Assistant \u003c=19.3.12.3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11095",
  "serverity": "\u4f4e",
  "submitTime": "2019-05-22",
  "title": "Intel Driver \u0026 Support Assistant\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-11095 (GCVE-0-2019-11095)

FKIE_CVE-2019-11095

CERTFR-2019-AVI-208

Solution

CERTFR-2019-AVI-208

Solution

GHSA-J7GM-MWHH-9FWR

GSD-2019-11095

VAR-201905-1251

CNVD-2020-18582

Tags

Sightings

Nomenclature