Vulnerabilites related to intel - nmb1xxd256gpsu4
Vulnerability from fkie_nvd
Published
2024-02-14 14:15
Modified
2025-02-20 15:10
Severity ?
6.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:optane_persistent_memory_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0ABBD3-228C-4F02-8BC9-2545FC57E49A",
"versionEndExcluding": "01.00.00.3547",
"versionStartIncluding": "01.00.00.3072",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nma1xxd128gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA3959A-A077-420F-9CF0-FCF926F78A1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nma1xxd128gpsuf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C49C3C48-9452-417D-91A3-6282A5DF564E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nma1xxd256gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF7A9E1-9610-42F8-BE3C-50B6C70EC2CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nma1xxd256gpsuf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29B5FFA-FD00-490D-9E33-2ADC23369773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nma1xxd512gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77357E64-833C-46E7-B84F-29F7ED3D0F31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nma1xxd512gpsuf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E373F80-B81E-4B7F-9407-DD918E39DA90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:optane_persistent_memory_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA941AF-27A6-47B7-B2BC-1D9A88444664",
"versionEndExcluding": "02.00.00.3915",
"versionStartIncluding": "02.00.00.3423",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nmb1xxd128gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED201B-A64E-441E-A952-B3C8C56F87C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmb1xxd128gpsuf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29CD8FF9-DA6B-4293-8F4B-8B4A02C4C1E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmb1xxd256gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905C0399-6E5D-4D42-AA3D-D0ECC9117D9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmb1xxd256gpsuf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7380A6-CB51-4205-AAD7-AB75AB2638B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmb1xxd512gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A86746AA-047D-4F7F-BD7F-0D18BF47F5EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmb1xxd512gpsuf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3BC795-DAA0-48C5-BEBC-4A96B4FD3D0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:optane_persistent_memory_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5AB913F-BA30-4911-BC6F-083DFF14F9E6",
"versionEndExcluding": "03.00.00.0483",
"versionStartIncluding": "03.00.00.0302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nmc2xxd128gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D76D5AB-0CF5-40E5-8DA5-31E27F58F236",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmc2xxd256gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "541DF110-3539-4F20-BAE9-039A969B1763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nmc2xxd512gpsu4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F1535ED-13DC-4C08-BA2D-E8BE50C4A6CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "El control de acceso inadecuado en algunos software Intel(R) Optane(TM) PMem anteriores a las versiones 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 puede permitir que un usuario autentificado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-27517",
"lastModified": "2025-02-20T15:10:10.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.2,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-14T14:15:47.313",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2023-27517
Vulnerability from cvelistv5
Published
2024-02-14 13:38
Modified
2024-08-16 15:51
Severity ?
EPSS score ?
Summary
Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Optane(TM) PMem software |
Version: before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:intel:optane_persistent_memory_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "optane_persistent_memory_firmware",
"vendor": "intel",
"versions": [
{
"lessThan": "01.00.00.3547",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "02.00.00.3915",
"status": "affected",
"version": "02.00.00.0000",
"versionType": "custom"
},
{
"lessThan": "03.00.00.0483",
"status": "affected",
"version": "03.00.00.0000",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T19:23:57.345801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T15:51:16.583Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Optane(TM) PMem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T13:38:00.967Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27517",
"datePublished": "2024-02-14T13:38:00.967Z",
"dateReserved": "2023-03-29T03:00:02.583Z",
"dateUpdated": "2024-08-16T15:51:16.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}