cvelistv5 - cve-2021-33126

cve-2021-33126

Vulnerability from cvelistv5

Published

2022-08-18 19:34

Modified

2024-08-03 23:42

Severity ?

Summary

References

▼	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html	Patch, Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Intel(R) 700 and 722 Series Ethernet Controllers and Adapters

Version: before versions 8.5 and 1.5.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:42:19.930Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) 700 and 722 Series Ethernet Controllers and Adapters",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before versions 8.5 and 1.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-18T19:34:49",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2021-33126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) 700 and 722 Series Ethernet Controllers and Adapters",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before versions 8.5 and 1.5.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2021-33126",
    "datePublished": "2022-08-18T19:34:49",
    "dateReserved": "2021-05-18T00:00:00",
    "dateUpdated": "2024-08-03T23:42:19.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_controller_xxv710_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.5\", \"matchCriteriaId\": \"D56EEE87-32A1-4A16-A7FC-032985C1EE1C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_controller_xxv710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2A323FC-FB2A-48C4-9A5F-307DFC6CD4A0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.5\", \"matchCriteriaId\": \"E1B3B935-CB71-4FF7-A795-2349BA3B1D87\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_controller_xl710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2A7EF19-9E60-4ECB-84C9-C5D5843E3B74\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_controller_v710_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.5\", \"matchCriteriaId\": \"A969A215-B2E8-4489-847E-BA376972F37D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_controller_v710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85B0D53A-BF6A-4762-9F8B-A4BD6C1C164A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.5\", \"matchCriteriaId\": \"74B6E734-8539-48B0-A310-B7404B101D6B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_controller_x710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21159CFA-D0C0-41CD-BDFB-90131E7145AB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_network_adapter_x722da2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.5.5\", \"matchCriteriaId\": \"83D4DFF8-92BB-4BED-AD9E-EE2EB8DA614F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_network_adapter_x722da2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E87E963F-D589-4DA8-81E8-EAEB5BB2AB35\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_network_adapter_x722da4fh_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.5.5\", \"matchCriteriaId\": \"FD3E1B11-CA37-4B3A-AFFF-9EA11194D216\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_network_adapter_x722da4fh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B42E75FB-8504-4B14-8123-FC1220C13E6E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:ethernet_network_adapter_x722da4g1p5_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.5.5\", \"matchCriteriaId\": \"B0BD589A-B3F7-40CB-AA3B-24DFB62D7031\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:ethernet_network_adapter_x722da4g1p5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"730817AE-77B6-4365-B5AB-FECC26CFD62E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.\"}, {\"lang\": \"es\", \"value\": \"Un control de acceso inapropiado en el firmware de algunos controladores y adaptadores Ethernet de las series Intel(R) 700 y 722 versiones anteriores a 8.5 y 1.5.5, puede permitir que un usuario privilegiado permita potencialmente la denegaci\\u00f3n de servicio por medio de acceso local.\"}]",
      "id": "CVE-2021-33126",
      "lastModified": "2024-11-21T06:08:23.633",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 3.6}]}",
      "published": "2022-08-18T20:15:09.500",
      "references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-33126\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2022-08-18T20:15:09.500\",\"lastModified\":\"2024-11-21T06:08:23.633\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.\"},{\"lang\":\"es\",\"value\":\"Un control de acceso inapropiado en el firmware de algunos controladores y adaptadores Ethernet de las series Intel(R) 700 y 722 versiones anteriores a 8.5 y 1.5.5, puede permitir que un usuario privilegiado permita potencialmente la denegaci\u00f3n de servicio por medio de acceso local.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_controller_xxv710_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.5\",\"matchCriteriaId\":\"D56EEE87-32A1-4A16-A7FC-032985C1EE1C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_controller_xxv710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A323FC-FB2A-48C4-9A5F-307DFC6CD4A0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.5\",\"matchCriteriaId\":\"E1B3B935-CB71-4FF7-A795-2349BA3B1D87\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_controller_xl710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A7EF19-9E60-4ECB-84C9-C5D5843E3B74\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_controller_v710_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.5\",\"matchCriteriaId\":\"A969A215-B2E8-4489-847E-BA376972F37D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_controller_v710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85B0D53A-BF6A-4762-9F8B-A4BD6C1C164A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.5\",\"matchCriteriaId\":\"74B6E734-8539-48B0-A310-B7404B101D6B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_controller_x710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21159CFA-D0C0-41CD-BDFB-90131E7145AB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_network_adapter_x722da2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.5.5\",\"matchCriteriaId\":\"83D4DFF8-92BB-4BED-AD9E-EE2EB8DA614F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_network_adapter_x722da2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E87E963F-D589-4DA8-81E8-EAEB5BB2AB35\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_network_adapter_x722da4fh_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.5.5\",\"matchCriteriaId\":\"FD3E1B11-CA37-4B3A-AFFF-9EA11194D216\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_network_adapter_x722da4fh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B42E75FB-8504-4B14-8123-FC1220C13E6E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ethernet_network_adapter_x722da4g1p5_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.5.5\",\"matchCriteriaId\":\"B0BD589A-B3F7-40CB-AA3B-24DFB62D7031\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ethernet_network_adapter_x722da4g1p5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"730817AE-77B6-4365-B5AB-FECC26CFD62E\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

wid-sec-w-2022-0978

Vulnerability from csaf_certbund

Published

2022-08-09 22:00

Modified

2023-04-10 22:00

Summary

Intel Ethernet Controller: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controllern ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- BIOS/Firmware

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controllern ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0978 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0978.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0978 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0978"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2022-279 vom 2023-04-09",
        "url": "https://www.dell.com/support/kbdoc/de-de/000205083/dsa-2022-279-dell-poweredge-server-security-update-for-intel-ethernet-controllers-and-adapters-advisory-intel-sa-00593"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory: INTEL-SA-00593 vom 2022-08-09",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory",
        "url": "https://support.lenovo.com/de/de/product_security/ps500504-intel-ethernet-controllers-and-adapters-advisory"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF03800 vom 2022-09-06",
        "url": "https://support.hp.com/us-en/document/ish_6653932-6653960-16/HPSBHF03800"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Ethernet Controller: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2023-04-10T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:33:05.630+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-0978",
      "initial_release_date": "2022-08-09T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-08-09T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-09-06T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2023-04-10T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell PowerEdge \u003c 21.5.9",
            "product": {
              "name": "Dell PowerEdge \u003c 21.5.9",
              "product_id": "T027118",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:21.5.9"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T023191",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Intel Ethernet Controller \u003c  700 Series Ethernet Controllers and Adapters 8.5",
                "product": {
                  "name": "Intel Ethernet Controller \u003c  700 Series Ethernet Controllers and Adapters 8.5",
                  "product_id": "T024219",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:700_series_ethernet_controllers_and_adapters_8.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Ethernet Controller \u003c  722 Series Ethernet Controllers and Adapters 1.5.5",
                "product": {
                  "name": "Intel Ethernet Controller \u003c  722 Series Ethernet Controllers and Adapters 1.5.5",
                  "product_id": "T024220",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:722_series_ethernet_controllers_and_adapters_1.5.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Ethernet Controller \u003c  E810 Ethernet Controllers and Adapters 1.6.1.9",
                "product": {
                  "name": "Intel Ethernet Controller \u003c  E810 Ethernet Controllers and Adapters 1.6.1.9",
                  "product_id": "T024221",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:e810_ethernet_controllers_and_adapters_1.6.1.9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ethernet Controller"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T006520",
              "product_identification_helper": {
                "cpe": "cpe:/o:lenovo:lenovo_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-33126",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controllern existieren mehrere Schwachstellen. Diese sind auf fehlerhafte Zugriffskontrollen zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T023191",
          "T027118"
        ]
      },
      "release_date": "2022-08-09T22:00:00.000+00:00",
      "title": "CVE-2021-33126"
    },
    {
      "cve": "CVE-2021-33128",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controllern existieren mehrere Schwachstellen. Diese sind auf fehlerhafte Zugriffskontrollen zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T023191",
          "T027118"
        ]
      },
      "release_date": "2022-08-09T22:00:00.000+00:00",
      "title": "CVE-2021-33128"
    },
    {
      "cve": "CVE-2022-28709",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controllern existieren mehrere Schwachstellen. Diese sind auf fehlerhafte Zugriffskontrollen zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T023191",
          "T027118"
        ]
      },
      "release_date": "2022-08-09T22:00:00.000+00:00",
      "title": "CVE-2022-28709"
    }
  ]
}

WID-SEC-W-2022-0978

Vulnerability from csaf_certbund

Published

2022-08-09 22:00

Modified

2023-04-10 22:00

Summary

Intel Ethernet Controller: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Produktbeschreibung

Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controllern ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- BIOS/Firmware

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controllern ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0978 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0978.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0978 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0978"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2022-279 vom 2023-04-09",
        "url": "https://www.dell.com/support/kbdoc/de-de/000205083/dsa-2022-279-dell-poweredge-server-security-update-for-intel-ethernet-controllers-and-adapters-advisory-intel-sa-00593"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory: INTEL-SA-00593 vom 2022-08-09",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory",
        "url": "https://support.lenovo.com/de/de/product_security/ps500504-intel-ethernet-controllers-and-adapters-advisory"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF03800 vom 2022-09-06",
        "url": "https://support.hp.com/us-en/document/ish_6653932-6653960-16/HPSBHF03800"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Ethernet Controller: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2023-04-10T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:33:05.630+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-0978",
      "initial_release_date": "2022-08-09T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-08-09T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-09-06T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2023-04-10T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell PowerEdge \u003c 21.5.9",
            "product": {
              "name": "Dell PowerEdge \u003c 21.5.9",
              "product_id": "T027118",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:21.5.9"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T023191",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Intel Ethernet Controller \u003c  700 Series Ethernet Controllers and Adapters 8.5",
                "product": {
                  "name": "Intel Ethernet Controller \u003c  700 Series Ethernet Controllers and Adapters 8.5",
                  "product_id": "T024219",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:700_series_ethernet_controllers_and_adapters_8.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Ethernet Controller \u003c  722 Series Ethernet Controllers and Adapters 1.5.5",
                "product": {
                  "name": "Intel Ethernet Controller \u003c  722 Series Ethernet Controllers and Adapters 1.5.5",
                  "product_id": "T024220",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:722_series_ethernet_controllers_and_adapters_1.5.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Intel Ethernet Controller \u003c  E810 Ethernet Controllers and Adapters 1.6.1.9",
                "product": {
                  "name": "Intel Ethernet Controller \u003c  E810 Ethernet Controllers and Adapters 1.6.1.9",
                  "product_id": "T024221",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:e810_ethernet_controllers_and_adapters_1.6.1.9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ethernet Controller"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T006520",
              "product_identification_helper": {
                "cpe": "cpe:/o:lenovo:lenovo_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-33126",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controllern existieren mehrere Schwachstellen. Diese sind auf fehlerhafte Zugriffskontrollen zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T023191",
          "T027118"
        ]
      },
      "release_date": "2022-08-09T22:00:00.000+00:00",
      "title": "CVE-2021-33126"
    },
    {
      "cve": "CVE-2021-33128",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controllern existieren mehrere Schwachstellen. Diese sind auf fehlerhafte Zugriffskontrollen zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T023191",
          "T027118"
        ]
      },
      "release_date": "2022-08-09T22:00:00.000+00:00",
      "title": "CVE-2021-33128"
    },
    {
      "cve": "CVE-2022-28709",
      "notes": [
        {
          "category": "description",
          "text": "In Intel Ethernet Controllern existieren mehrere Schwachstellen. Diese sind auf fehlerhafte Zugriffskontrollen zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann dies ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006520",
          "T023191",
          "T027118"
        ]
      },
      "release_date": "2022-08-09T22:00:00.000+00:00",
      "title": "CVE-2022-28709"
    }
  ]
}

var-202208-0868

Vulnerability from variot

Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access. ethernet controller xxv710 firmware, ethernet controller xl710 firmware, ethernet controller v710 Multiple Intel products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202208-0868",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ethernet controller v710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8.5"
      },
      {
        "model": "ethernet controller x710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8.5"
      },
      {
        "model": "ethernet network adapter x722da4fh",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1.5.5"
      },
      {
        "model": "ethernet network adapter x722da4g1p5",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1.5.5"
      },
      {
        "model": "ethernet controller xxv710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8.5"
      },
      {
        "model": "ethernet controller xl710",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8.5"
      },
      {
        "model": "ethernet network adapter x722da2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1.5.5"
      },
      {
        "model": "ethernet network adapter x722da4g1p5",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet controller x710",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet controller xl710",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet network adapter x722da2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet controller xxv710",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet network adapter x722da4fh",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "ethernet controller v710",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_xxv710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_xxv710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_xl710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_v710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_v710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_x710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_adapter_x722da2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.5.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_adapter_x722da2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_adapter_x722da4fh_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.5.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_adapter_x722da4fh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_adapter_x722da4g1p5_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.5.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_adapter_x722da4g1p5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      }
    ]
  },
  "cve": "CVE-2021-33126",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 0.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 4.4,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-33126",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-33126",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202208-2666",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access. ethernet controller xxv710 firmware, ethernet controller xl710 firmware, ethernet controller v710 Multiple Intel products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33126"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-33126",
        "trust": 3.3
      },
      {
        "db": "JVN",
        "id": "JVNVU99494206",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.3948",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33126",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33126"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "id": "VAR-202208-0868",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.52213436
  },
  "last_update_date": "2023-12-18T11:05:13.270000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Intel Ethernet Controllers Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=204872"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "others (CWE-Other) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99494206/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33126"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2021-33126/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.3948"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33126"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2021-33126"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-08-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-33126"
      },
      {
        "date": "2023-09-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "date": "2022-08-18T20:15:09.500000",
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "date": "2022-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-08-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-33126"
      },
      {
        "date": "2023-09-27T08:48:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      },
      {
        "date": "2022-08-26T17:23:11.183000",
        "db": "NVD",
        "id": "CVE-2021-33126"
      },
      {
        "date": "2022-08-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities in multiple Intel products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-020208"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-2666"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2021-33126

Vulnerability from fkie_nvd

Published

2022-08-18 20:15

Modified

2024-11-21 06:08

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

References

▼	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
intel	ethernet_controller_xxv710_firmware	*
intel	ethernet_controller_xxv710	-
intel	ethernet_controller_xl710_firmware	*
intel	ethernet_controller_xl710	-
intel	ethernet_controller_v710_firmware	*
intel	ethernet_controller_v710	-
intel	ethernet_controller_x710_firmware	*
intel	ethernet_controller_x710	-
intel	ethernet_network_adapter_x722da2_firmware	*
intel	ethernet_network_adapter_x722da2	-
intel	ethernet_network_adapter_x722da4fh_firmware	*
intel	ethernet_network_adapter_x722da4fh	-
intel	ethernet_network_adapter_x722da4g1p5_firmware	*
intel	ethernet_network_adapter_x722da4g1p5	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_controller_xxv710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D56EEE87-32A1-4A16-A7FC-032985C1EE1C",
              "versionEndExcluding": "8.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_controller_xxv710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A323FC-FB2A-48C4-9A5F-307DFC6CD4A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B3B935-CB71-4FF7-A795-2349BA3B1D87",
              "versionEndExcluding": "8.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_controller_xl710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A7EF19-9E60-4ECB-84C9-C5D5843E3B74",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_controller_v710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A969A215-B2E8-4489-847E-BA376972F37D",
              "versionEndExcluding": "8.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_controller_v710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B0D53A-BF6A-4762-9F8B-A4BD6C1C164A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74B6E734-8539-48B0-A310-B7404B101D6B",
              "versionEndExcluding": "8.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_controller_x710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21159CFA-D0C0-41CD-BDFB-90131E7145AB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_x722da2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83D4DFF8-92BB-4BED-AD9E-EE2EB8DA614F",
              "versionEndExcluding": "1.5.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_x722da2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87E963F-D589-4DA8-81E8-EAEB5BB2AB35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_x722da4fh_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3E1B11-CA37-4B3A-AFFF-9EA11194D216",
              "versionEndExcluding": "1.5.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_x722da4fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E75FB-8504-4B14-8123-FC1220C13E6E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_x722da4g1p5_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0BD589A-B3F7-40CB-AA3B-24DFB62D7031",
              "versionEndExcluding": "1.5.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_x722da4g1p5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "730817AE-77B6-4365-B5AB-FECC26CFD62E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access."
    },
    {
      "lang": "es",
      "value": "Un control de acceso inapropiado en el firmware de algunos controladores y adaptadores Ethernet de las series Intel(R) 700 y 722 versiones anteriores a 8.5 y 1.5.5, puede permitir que un usuario privilegiado permita potencialmente la denegaci\u00f3n de servicio por medio de acceso local."
    }
  ],
  "id": "CVE-2021-33126",
  "lastModified": "2024-11-21T06:08:23.633",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-18T20:15:09.500",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-8f6q-9972-q659

Vulnerability from github

Published

2022-08-19 00:00

Modified

2022-08-27 00:00

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-33126"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-18T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.",
  "id": "GHSA-8f6q-9972-q659",
  "modified": "2022-08-27T00:00:44Z",
  "published": "2022-08-19T00:00:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33126"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2021-33126

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-33126

Aliases

CVE-2021-33126

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-33126",
    "description": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.",
    "id": "GSD-2021-33126"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-33126"
      ],
      "details": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.",
      "id": "GSD-2021-33126",
      "modified": "2023-12-13T01:23:18.251502Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2021-33126",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) 700 and 722 Series Ethernet Controllers and Adapters",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before versions 8.5 and 1.5.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "denial of service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_xxv710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_xxv710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_xl710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_v710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_v710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_controller_x710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_adapter_x722da2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.5.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_adapter_x722da2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_adapter_x722da4fh_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.5.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_adapter_x722da4fh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_adapter_x722da4g1p5_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.5.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_adapter_x722da4g1p5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2021-33126"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00593.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-08-26T17:23Z",
      "publishedDate": "2022-08-18T20:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-33126

Vulnerability from cvelistv5

wid-sec-w-2022-0978

Vulnerability from csaf_certbund

WID-SEC-W-2022-0978

Vulnerability from csaf_certbund

var-202208-0868

Vulnerability from variot

fkie_cve-2021-33126

Vulnerability from fkie_nvd

ghsa-8f6q-9972-q659

Vulnerability from github

gsd-2021-33126

Vulnerability from gsd

Tags

Sightings

Nomenclature