cvelistv5 - cve-2021-33082

CVE-2021-33082 (GCVE-0-2021-33082)

Vulnerability from cvelistv5 – Published: 2022-05-12 16:36 – Updated: 2025-05-05 16:51

Summary

Severity ?

4.6 (Medium)


                        
                          CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

information disclosure

Assigner

intel

References

URL

Tags

	https://www.intel.com/content/www/us/en/security-…	x_refsource_MISC
	https://www.solidigm.com/content/dam/newco-aem-si…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) SSD and Intel(R) Optane(TM) SSD Products	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:42:19.573Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "NONE",
              "baseScore": 4.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-33082",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:20:52.712034Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-212",
                "description": "CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T16:51:36.495Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) SSD and Intel(R) Optane(TM) SSD Products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-20T14:14:27.000Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2021-33082",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) SSD and Intel(R) Optane(TM) SSD Products",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "See references"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
            },
            {
              "name": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf",
              "refsource": "MISC",
              "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2021-33082",
    "datePublished": "2022-05-12T16:36:01.000Z",
    "dateReserved": "2021-05-18T00:00:00.000Z",
    "dateUpdated": "2025-05-05T16:51:36.495Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"e2010600\", \"matchCriteriaId\": \"1C426200-3AB3-4AF3-A703-D872439CBC1B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE6F7C04-DA32-42BC-9C5F-651DF61E5589\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"e2010600\", \"matchCriteriaId\": \"56F9A5D0-6BC0-49F3-9142-029C087D054F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15DAAAC1-DBA7-47BC-8796-B7C8B86DEFD0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"l0310200\", \"matchCriteriaId\": \"7DABA907-898E-4E37-96AC-B17CF9E79DE2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"125149FE-A545-47EA-86BF-D0D3A9CD8297\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"pgf028k\", \"matchCriteriaId\": \"13B86144-8B9D-48B1-9113-7D67054A8E1F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00EFD6D0-2B8B-4450-A073-C6121264C94F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"tgf061k\", \"matchCriteriaId\": \"024366FD-77B4-4AFC-9069-962EBD5F6E99\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DABB2C2-D156-40EC-9576-9F1339A56F75\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"fw600\", \"matchCriteriaId\": \"B5EFFFF6-FE57-4BFD-B989-1DE6F0D20A7C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BD5595C-0047-441A-B398-8ACA421BB439\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"fw600\", \"matchCriteriaId\": \"01042942-2847-499E-87DB-4D67D7412D28\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AFC9CF7-581F-4B2D-B93C-3D7E3C136F4C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.\"}, {\"lang\": \"es\", \"value\": \"Una informaci\\u00f3n confidencial en el recurso no eliminado antes del re\\u00faso en el firmware para algunos productos Intel(R) SSD e Intel(R) Optane(TM) SSD puede permitir que un usuario no autenticado permita potencialmente una divulgaci\\u00f3n de informaci\\u00f3n por medio del acceso f\\u00edsico\"}]",
      "id": "CVE-2021-33082",
      "lastModified": "2024-11-21T06:08:15.373",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 4.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-05-12T17:15:09.123",
      "references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\", \"source\": \"secure@intel.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-212\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-33082\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2022-05-12T17:15:09.123\",\"lastModified\":\"2025-05-05T17:17:07.547\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.\"},{\"lang\":\"es\",\"value\":\"Una informaci\u00f3n confidencial en el recurso no eliminado antes del re\u00faso en el firmware para algunos productos Intel(R) SSD e Intel(R) Optane(TM) SSD puede permitir que un usuario no autenticado permita potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio del acceso f\u00edsico\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-212\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-212\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"e2010600\",\"matchCriteriaId\":\"1C426200-3AB3-4AF3-A703-D872439CBC1B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE6F7C04-DA32-42BC-9C5F-651DF61E5589\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"e2010600\",\"matchCriteriaId\":\"56F9A5D0-6BC0-49F3-9142-029C087D054F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15DAAAC1-DBA7-47BC-8796-B7C8B86DEFD0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"l0310200\",\"matchCriteriaId\":\"7DABA907-898E-4E37-96AC-B17CF9E79DE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"125149FE-A545-47EA-86BF-D0D3A9CD8297\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"pgf028k\",\"matchCriteriaId\":\"13B86144-8B9D-48B1-9113-7D67054A8E1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00EFD6D0-2B8B-4450-A073-C6121264C94F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"tgf061k\",\"matchCriteriaId\":\"024366FD-77B4-4AFC-9069-962EBD5F6E99\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DABB2C2-D156-40EC-9576-9F1339A56F75\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"fw600\",\"matchCriteriaId\":\"B5EFFFF6-FE57-4BFD-B989-1DE6F0D20A7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BD5595C-0047-441A-B398-8ACA421BB439\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"fw600\",\"matchCriteriaId\":\"01042942-2847-499E-87DB-4D67D7412D28\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AFC9CF7-581F-4B2D-B93C-3D7E3C136F4C\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\",\"source\":\"secure@intel.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T23:42:19.573Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.6, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-33082\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:20:52.712034Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-212\", \"description\": \"CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:11:50.083Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) SSD and Intel(R) Optane(TM) SSD Products\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}]}], \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"information disclosure\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2022-09-20T14:14:27.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"See references\"}]}, \"product_name\": \"Intel(R) SSD and Intel(R) Optane(TM) SSD Products\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\", \"name\": \"https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"information disclosure\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-33082\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@intel.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-33082\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-05T16:51:36.495Z\", \"dateReserved\": \"2021-05-18T00:00:00.000Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2022-05-12T16:36:01.000Z\", \"assignerShortName\": \"intel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-R3XP-3WRM-G7W6

Vulnerability from github – Published: 2022-05-13 00:00 – Updated: 2022-05-24 00:01

Details

Severity ?

4.6 (Medium)


                  
                    CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-33082"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-212"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-12T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.",
  "id": "GHSA-r3xp-3wrm-g7w6",
  "modified": "2022-05-24T00:01:37Z",
  "published": "2022-05-13T00:00:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33082"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
    },
    {
      "type": "WEB",
      "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2022-AVI-444

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Intel Manageability Commander versions antérieures à 2.2
Intel In-Band Manageability versions antérieures à 2.13.0
Pilotes du noyau Linux Intel SGX fournis par Intel versions 2.14 et antérieures. Les pilotes Intel SGX ont été intégrés au noyau Linux depuis la version 5.11.
Intel Killer Control Center versions antérieures à 2.4.3337.0
Intel Advisor software versions antérieures à 7.6.0.37
Intel XTU software versions antérieures à 7.3.0.33

Se référer aux avis de l'éditeur pour les vulnérabilités concernant les micrologiciels et matériels Intel.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Intel intel-sa-00663 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00654 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00519 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00595 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00648 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00614 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00661 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00613 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00617 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00563 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00586 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00616 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00549 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00644 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00601 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00603 du 10 mai 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eIntel Manageability Commander versions ant\u00e9rieures \u00e0 2.2\u003c/li\u003e \u003cli\u003eIntel In-Band Manageability versions ant\u00e9rieures \u00e0 2.13.0\u003c/li\u003e \u003cli\u003ePilotes du noyau Linux Intel SGX fournis par Intel versions 2.14 et ant\u00e9rieures. Les pilotes Intel SGX ont \u00e9t\u00e9 int\u00e9gr\u00e9s au noyau Linux depuis la version 5.11.\u003c/li\u003e \u003cli\u003eIntel Killer Control Center versions ant\u00e9rieures \u00e0 2.4.3337.0\u003c/li\u003e \u003cli\u003eIntel Advisor software versions ant\u00e9rieures \u00e0 7.6.0.37\u003c/li\u003e \u003cli\u003eIntel XTU software versions ant\u00e9rieures \u00e0 7.3.0.33\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux avis de l\u0027\u00e9diteur pour les vuln\u00e9rabilit\u00e9s concernant les micrologiciels et mat\u00e9riels Intel.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-33117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33117"
    },
    {
      "name": "CVE-2021-33135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33135"
    },
    {
      "name": "CVE-2021-33075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33075"
    },
    {
      "name": "CVE-2021-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0155"
    },
    {
      "name": "CVE-2021-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0154"
    },
    {
      "name": "CVE-2022-21151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21151"
    },
    {
      "name": "CVE-2021-0188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0188"
    },
    {
      "name": "CVE-2021-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0159"
    },
    {
      "name": "CVE-2021-33080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33080"
    },
    {
      "name": "CVE-2021-33108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33108"
    },
    {
      "name": "CVE-2021-33103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33103"
    },
    {
      "name": "CVE-2021-33123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33123"
    },
    {
      "name": "CVE-2022-22139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22139"
    },
    {
      "name": "CVE-2021-33078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33078"
    },
    {
      "name": "CVE-2021-33122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33122"
    },
    {
      "name": "CVE-2021-26258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26258"
    },
    {
      "name": "CVE-2021-33130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33130"
    },
    {
      "name": "CVE-2022-0005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0005"
    },
    {
      "name": "CVE-2021-0190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0190"
    },
    {
      "name": "CVE-2022-24297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24297"
    },
    {
      "name": "CVE-2021-33082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33082"
    },
    {
      "name": "CVE-2021-33077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33077"
    },
    {
      "name": "CVE-2021-33124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33124"
    },
    {
      "name": "CVE-2021-33069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33069"
    },
    {
      "name": "CVE-2021-0194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0194"
    },
    {
      "name": "CVE-2021-33083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33083"
    },
    {
      "name": "CVE-2022-21136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21136"
    },
    {
      "name": "CVE-2021-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0126"
    },
    {
      "name": "CVE-2022-21237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21237"
    },
    {
      "name": "CVE-2021-33107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33107"
    },
    {
      "name": "CVE-2022-24382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24382"
    },
    {
      "name": "CVE-2021-33149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33149"
    },
    {
      "name": "CVE-2021-33074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33074"
    },
    {
      "name": "CVE-2022-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21131"
    },
    {
      "name": "CVE-2022-0004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0004"
    },
    {
      "name": "CVE-2022-21128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21128"
    },
    {
      "name": "CVE-2021-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0153"
    },
    {
      "name": "CVE-2021-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0193"
    },
    {
      "name": "CVE-2021-0189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0189"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-444",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-05-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00663 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00663.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00654 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00519 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00519.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00595 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00595.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00648 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00648.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00614 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00661 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00661.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00613 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00617 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00563 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00586 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00616 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00616.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00549 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00549.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00644 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00644.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00601 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00603 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00603.html"
    }
  ]
}

CERTFR-2022-AVI-444

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Intel Manageability Commander versions antérieures à 2.2
Intel In-Band Manageability versions antérieures à 2.13.0
Pilotes du noyau Linux Intel SGX fournis par Intel versions 2.14 et antérieures. Les pilotes Intel SGX ont été intégrés au noyau Linux depuis la version 5.11.
Intel Killer Control Center versions antérieures à 2.4.3337.0
Intel Advisor software versions antérieures à 7.6.0.37
Intel XTU software versions antérieures à 7.3.0.33

Se référer aux avis de l'éditeur pour les vulnérabilités concernant les micrologiciels et matériels Intel.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Intel intel-sa-00663 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00654 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00519 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00595 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00648 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00614 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00661 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00613 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00617 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00563 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00586 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00616 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00549 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00644 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00601 du 10 mai 2022	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00603 du 10 mai 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eIntel Manageability Commander versions ant\u00e9rieures \u00e0 2.2\u003c/li\u003e \u003cli\u003eIntel In-Band Manageability versions ant\u00e9rieures \u00e0 2.13.0\u003c/li\u003e \u003cli\u003ePilotes du noyau Linux Intel SGX fournis par Intel versions 2.14 et ant\u00e9rieures. Les pilotes Intel SGX ont \u00e9t\u00e9 int\u00e9gr\u00e9s au noyau Linux depuis la version 5.11.\u003c/li\u003e \u003cli\u003eIntel Killer Control Center versions ant\u00e9rieures \u00e0 2.4.3337.0\u003c/li\u003e \u003cli\u003eIntel Advisor software versions ant\u00e9rieures \u00e0 7.6.0.37\u003c/li\u003e \u003cli\u003eIntel XTU software versions ant\u00e9rieures \u00e0 7.3.0.33\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux avis de l\u0027\u00e9diteur pour les vuln\u00e9rabilit\u00e9s concernant les micrologiciels et mat\u00e9riels Intel.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-33117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33117"
    },
    {
      "name": "CVE-2021-33135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33135"
    },
    {
      "name": "CVE-2021-33075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33075"
    },
    {
      "name": "CVE-2021-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0155"
    },
    {
      "name": "CVE-2021-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0154"
    },
    {
      "name": "CVE-2022-21151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21151"
    },
    {
      "name": "CVE-2021-0188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0188"
    },
    {
      "name": "CVE-2021-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0159"
    },
    {
      "name": "CVE-2021-33080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33080"
    },
    {
      "name": "CVE-2021-33108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33108"
    },
    {
      "name": "CVE-2021-33103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33103"
    },
    {
      "name": "CVE-2021-33123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33123"
    },
    {
      "name": "CVE-2022-22139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22139"
    },
    {
      "name": "CVE-2021-33078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33078"
    },
    {
      "name": "CVE-2021-33122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33122"
    },
    {
      "name": "CVE-2021-26258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26258"
    },
    {
      "name": "CVE-2021-33130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33130"
    },
    {
      "name": "CVE-2022-0005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0005"
    },
    {
      "name": "CVE-2021-0190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0190"
    },
    {
      "name": "CVE-2022-24297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24297"
    },
    {
      "name": "CVE-2021-33082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33082"
    },
    {
      "name": "CVE-2021-33077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33077"
    },
    {
      "name": "CVE-2021-33124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33124"
    },
    {
      "name": "CVE-2021-33069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33069"
    },
    {
      "name": "CVE-2021-0194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0194"
    },
    {
      "name": "CVE-2021-33083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33083"
    },
    {
      "name": "CVE-2022-21136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21136"
    },
    {
      "name": "CVE-2021-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0126"
    },
    {
      "name": "CVE-2022-21237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21237"
    },
    {
      "name": "CVE-2021-33107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33107"
    },
    {
      "name": "CVE-2022-24382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24382"
    },
    {
      "name": "CVE-2021-33149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33149"
    },
    {
      "name": "CVE-2021-33074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33074"
    },
    {
      "name": "CVE-2022-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21131"
    },
    {
      "name": "CVE-2022-0004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0004"
    },
    {
      "name": "CVE-2022-21128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21128"
    },
    {
      "name": "CVE-2021-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0153"
    },
    {
      "name": "CVE-2021-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0193"
    },
    {
      "name": "CVE-2021-0189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0189"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-444",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-05-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00663 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00663.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00654 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00519 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00519.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00595 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00595.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00648 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00648.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00614 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00661 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00661.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00613 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00617 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00563 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00586 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00616 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00616.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00549 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00549.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00644 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00644.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00601 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00601.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00603 du 10 mai 2022",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00603.html"
    }
  ]
}

VAR-202205-1051

Vulnerability from variot - Updated: 2023-12-18 11:52

Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. optane ssd dc p4800x firmware, optane ssd dc p4801x firmware, optane ssd p5800x Multiple Intel products, such as firmware, contain vulnerabilities related to deletion of important information before storage or transfer.Information may be obtained

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1051",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "optane ssd 905p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "fw600"
      },
      {
        "model": "optane memory h10 with solid state storage",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "tgf061k"
      },
      {
        "model": "optane memory h20 with solid state storage",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "pgf028k"
      },
      {
        "model": "optane ssd p5800x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l0310200"
      },
      {
        "model": "optane ssd dc p4801x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e2010600"
      },
      {
        "model": "optane ssd 900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "fw600"
      },
      {
        "model": "optane ssd dc p4800x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e2010600"
      },
      {
        "model": "optane ssd dc p4800x",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "optane ssd p5800x",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "optane memory h10 with solid state storage",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "optane ssd dc p4801x",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel optane ssd 905p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel optane ssd 900p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "optane memory h20 with solid state storage",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "e2010600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "e2010600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "l0310200",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "pgf028k",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "tgf061k",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "fw600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "fw600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      }
    ]
  },
  "cve": "CVE-2021-33082",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 2.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2021-33082",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Physical",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.6,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-33082",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-33082",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202205-3141",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-33082",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access. optane ssd dc p4800x firmware, optane ssd dc p4801x firmware, optane ssd p5800x Multiple Intel products, such as firmware, contain vulnerabilities related to deletion of important information before storage or transfer.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33082"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-33082",
        "trust": 3.3
      },
      {
        "db": "JVN",
        "id": "JVNVU93344744",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33082",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "id": "VAR-202205-1051",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.15757576
  },
  "last_update_date": "2023-12-18T11:52:52.121000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Multiple Intel Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=193820"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/intel-memory-bug-poses-risk-for-hundreds-of-products/179595/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-212",
        "trust": 1.0
      },
      {
        "problemtype": "Improper removal of important information prior to storage or transfer (CWE-212) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
      },
      {
        "trust": 1.6,
        "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/solidigm%20sa-000563%20rev1.1.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu93344744/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33082"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2021-33082/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/intel-memory-bug-poses-risk-for-hundreds-of-products/179595/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "date": "2023-08-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "date": "2022-05-12T17:15:09.123000",
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "date": "2022-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-33082"
      },
      {
        "date": "2023-08-07T08:16:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      },
      {
        "date": "2022-10-07T13:58:39.500000",
        "db": "NVD",
        "id": "CVE-2021-33082"
      },
      {
        "date": "2022-09-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability regarding deletion of sensitive information before storage or transfer in multiple Intel products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-019619"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3141"
      }
    ],
    "trust": 0.6
  }
}

GSD-2021-33082

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-33082

Aliases

CVE-2021-33082

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-33082",
    "description": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.",
    "id": "GSD-2021-33082"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-33082"
      ],
      "details": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.",
      "id": "GSD-2021-33082",
      "modified": "2023-12-13T01:23:18.931140Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2021-33082",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) SSD and Intel(R) Optane(TM) SSD Products",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "See references"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "information disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
          },
          {
            "name": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf",
            "refsource": "MISC",
            "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "e2010600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "e2010600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "l0310200",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "pgf028k",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "tgf061k",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "fw600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "fw600",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2021-33082"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-212"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html",
              "refsource": "MISC",
              "tags": [
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
            },
            {
              "name": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf",
              "refsource": "MISC",
              "tags": [
                "Broken Link"
              ],
              "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 0.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-10-07T13:58Z",
      "publishedDate": "2022-05-12T17:15Z"
    }
  }
}

FKIE_CVE-2021-33082

Vulnerability from fkie_nvd - Published: 2022-05-12 17:15 - Updated: 2025-05-05 17:17

Severity ?

4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html	Mitigation, Vendor Advisory
secure@intel.com	https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf	Broken Link

Impacted products

Vendor	Product	Version
intel	optane_ssd_dc_p4800x_firmware	*
intel	optane_ssd_dc_p4800x	-
intel	optane_ssd_dc_p4801x_firmware	*
intel	optane_ssd_dc_p4801x	-
intel	optane_ssd_p5800x_firmware	*
intel	optane_ssd_p5800x	-
intel	optane_memory_h20_with_solid_state_storage_firmware	*
intel	optane_memory_h20_with_solid_state_storage	-
intel	optane_memory_h10_with_solid_state_storage_firmware	*
intel	optane_memory_h10_with_solid_state_storage	-
intel	optane_ssd_905p_firmware	*
intel	optane_ssd_905p	-
intel	optane_ssd_900p_firmware	*
intel	optane_ssd_900p	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C426200-3AB3-4AF3-A703-D872439CBC1B",
              "versionEndExcluding": "e2010600",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE6F7C04-DA32-42BC-9C5F-651DF61E5589",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56F9A5D0-6BC0-49F3-9142-029C087D054F",
              "versionEndExcluding": "e2010600",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DAAAC1-DBA7-47BC-8796-B7C8B86DEFD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DABA907-898E-4E37-96AC-B17CF9E79DE2",
              "versionEndExcluding": "l0310200",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "125149FE-A545-47EA-86BF-D0D3A9CD8297",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13B86144-8B9D-48B1-9113-7D67054A8E1F",
              "versionEndExcluding": "pgf028k",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EFD6D0-2B8B-4450-A073-C6121264C94F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "024366FD-77B4-4AFC-9069-962EBD5F6E99",
              "versionEndExcluding": "tgf061k",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DABB2C2-D156-40EC-9576-9F1339A56F75",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5EFFFF6-FE57-4BFD-B989-1DE6F0D20A7C",
              "versionEndExcluding": "fw600",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD5595C-0047-441A-B398-8ACA421BB439",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01042942-2847-499E-87DB-4D67D7412D28",
              "versionEndExcluding": "fw600",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AFC9CF7-581F-4B2D-B93C-3D7E3C136F4C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access."
    },
    {
      "lang": "es",
      "value": "Una informaci\u00f3n confidencial en el recurso no eliminado antes del re\u00faso en el firmware para algunos productos Intel(R) SSD e Intel(R) Optane(TM) SSD puede permitir que un usuario no autenticado permita potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio del acceso f\u00edsico"
    }
  ],
  "id": "CVE-2021-33082",
  "lastModified": "2025-05-05T17:17:07.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-05-12T17:15:09.123",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-212"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-212"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-33082 (GCVE-0-2021-33082)

GHSA-R3XP-3WRM-G7W6

CERTFR-2022-AVI-444

Solution

CERTFR-2022-AVI-444

Solution

VAR-202205-1051

GSD-2021-33082

FKIE_CVE-2021-33082

Tags

Sightings

Nomenclature