cvelistv5 - cve-2023-22276

Source	URL	Tags
secure@intel.com	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html	Vendor Advisory
secure@intel.com	https://security.netapp.com/advisory/ntap-20230915-0007/

Vendor	Product
n/a	Intel(R) Ethernet Controllers and Adapters E810 Series

wid-sec-w-2023-2000

Vulnerability from csaf_certbund

Published

2023-08-08 22:00

Modified

2024-06-13 22:00

Summary

Intel Ethernet Controller: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.

Angriff

Ein Angreifer kann mehrere Schwachstellen im Intel Ethernet Controller ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder seine Privilegien zu erweitern.

Betroffene Betriebssysteme

- Linux - MacOS X - Sonstiges - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Intel Ethernet Controller ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder seine Privilegien zu erweitern.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2000 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2000.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2000 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2000"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12154 vom 2024-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12154.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12153 vom 2024-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12153.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12150 vom 2024-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12150.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12151 vom 2024-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12151.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12159 vom 2024-02-15",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12159.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4782-1 vom 2023-12-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017333.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4810-1 vom 2023-12-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017341.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4732-1 vom 2023-12-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017376.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4730-1 vom 2023-12-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017384.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4731-1 vom 2023-12-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017378.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4734-1 vom 2023-12-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017379.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3710 vom 2024-01-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3711 vom 2024-01-11",
        "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory: Intel-sa-00835 vom 2023-08-08",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory: Intel-sa-00794 vom 2023-08-08",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6415-1 vom 2023-10-05",
        "url": "https://ubuntu.com/security/notices/USN-6415-1"
      },
      {
        "category": "external",
        "summary": "IGEL Security Notice ISN-2024-06 vom 2024-03-12",
        "url": "https://kb.igel.com/securitysafety/en/isn-2024-06-os-11-kernel-vulnerabilities-117259724.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5594 vom 2024-01-02",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00001.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6516-1 vom 2023-11-27",
        "url": "https://ubuntu.com/security/notices/USN-6516-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6502-2 vom 2023-11-27",
        "url": "https://ubuntu.com/security/notices/USN-6502-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6520-1 vom 2023-11-28",
        "url": "https://ubuntu.com/security/notices/USN-6520-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6502-3 vom 2023-11-28",
        "url": "https://ubuntu.com/security/notices/USN-6502-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6496-2 vom 2023-11-30",
        "url": "https://ubuntu.com/security/notices/USN-6496-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6502-4 vom 2023-11-30",
        "url": "https://ubuntu.com/security/notices/USN-6502-4"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2004 vom 2024-04-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:2004"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2003 vom 2024-04-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:2003"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2004 vom 2024-04-25",
        "url": "http://linux.oracle.com/errata/ELSA-2024-2004.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:2394"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2950"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3138"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:2004 vom 2024-06-06",
        "url": "https://lwn.net/Articles/973020"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7156774 vom 2024-06-07",
        "url": "https://www.ibm.com/support/pages/node/7156774"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2023-208 vom 2024-06-13",
        "url": "https://www.dell.com/support/kbdoc/de-de/000216541/dsa-2023-208-dell-poweredge-server-security-update-for-intel-ethernet-controllers-and-adapters-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Ethernet Controller: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-06-13T22:00:00.000+00:00",
      "generator": {
        "date": "2024-06-14T08:09:00.869+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-2000",
      "initial_release_date": "2023-08-08T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-08-08T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-10-04T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2023-11-27T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2023-11-28T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2023-11-30T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2023-12-13T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-12-14T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-01-02T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-01-11T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-02-12T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-02-14T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-03-12T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von IGEL aufgenommen"
        },
        {
          "date": "2024-04-23T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-24T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-05T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von CentOS aufgenommen"
        },
        {
          "date": "2024-06-09T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-06-13T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "19"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell PowerEdge",
            "product": {
              "name": "Dell PowerEdge",
              "product_id": "T033533",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM QRadar SIEM",
            "product": {
              "name": "IBM QRadar SIEM",
              "product_id": "T021415",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:qradar_siem:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.10.100",
                "product": {
                  "name": "IGEL OS \u003c11.10.100",
                  "product_id": "T033380",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:igel:os:11.10.100"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OS"
          }
        ],
        "category": "vendor",
        "name": "IGEL"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.9.30",
                "product": {
                  "name": "Intel Ethernet Controller \u003c1.9.30",
                  "product_id": "T029186",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:1.9.30"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.7.2.4",
                "product": {
                  "name": "Intel Ethernet Controller \u003c1.7.2.4",
                  "product_id": "T029187",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:ethernet_controller:1.7.2.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ethernet Controller"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-22276",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle im Intel Ethernet Controller. Dieser Fehler ist auf eine Race Condition in der Firmware zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033533",
          "2951",
          "T002207",
          "67646",
          "T033380",
          "T000126",
          "T021415",
          "1727",
          "T004914"
        ]
      },
      "release_date": "2023-08-08T22:00:00Z",
      "title": "CVE-2023-22276"
    },
    {
      "cve": "CVE-2023-25775",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle im Intel Ethernet Controller. Dieser Fehler ist auf eine unsachgem\u00e4\u00dfe Zugriffskontrolle zur\u00fcckzuf\u00fchren. Ein entfernter Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033533",
          "2951",
          "T002207",
          "67646",
          "T033380",
          "T000126",
          "T021415",
          "1727",
          "T004914"
        ]
      },
      "release_date": "2023-08-08T22:00:00Z",
      "title": "CVE-2023-25775"
    }
  ]
}

ghsa-4w59-2w8q-ghq2

Vulnerability from github

Published

2023-08-11 03:30

Modified

2024-04-04 06:50

Severity

6.5 (Medium) - CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-22276"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362",
      "CWE-421"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-11T03:15:16Z",
    "severity": "MODERATE"
  },
  "details": "Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.",
  "id": "GHSA-4w59-2w8q-ghq2",
  "modified": "2024-04-04T06:50:31Z",
  "published": "2023-08-11T03:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22276"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230915-0007"
    },
    {
      "type": "WEB",
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2023-22276

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.

Aliases

CVE-2023-22276

Aliases

CVE-2023-22276

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-22276",
    "id": "GSD-2023-22276"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-22276"
      ],
      "details": "Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.",
      "id": "GSD-2023-22276",
      "modified": "2023-12-13T01:20:42.617720Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2023-22276",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Ethernet Controllers and Adapters E810 Series",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "before version 1.7.2.4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "denial of service"
              },
              {
                "cweId": "CWE-421",
                "lang": "eng",
                "value": "Race condition"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html",
            "refsource": "MISC",
            "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20230915-0007/",
            "refsource": "MISC",
            "url": "https://security.netapp.com/advisory/ntap-20230915-0007/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_controller_e810-xxvam2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.7.2.4",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_controller_e810-xxvam2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_controller_e810-cam1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.7.2.4",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_controller_e810-cam1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:ethernet_network_controller_e810-cam2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.7.2.4",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:ethernet_network_controller_e810-cam2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2023-22276"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-362"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20230915-0007/",
              "refsource": "MISC",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20230915-0007/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-09-15T14:15Z",
      "publishedDate": "2023-08-11T03:15Z"
    }
  }
}

Action not permitted

cve-2023-22276

Vulnerability from cvelistv5

wid-sec-w-2023-2000

Vulnerability from csaf_certbund

ghsa-4w59-2w8q-ghq2

Vulnerability from github

gsd-2023-22276

Vulnerability from gsd

Tags