Lucene search

IntelCVE-2020-0584

HistoryNov 12, 2020 - 6:15 p.m.

CVE-2020-0584

2020-11-1218:15:12

CWE-120

intel

web.nvd.nist.gov

cve-2020-0584

buffer overflow

firmware

intel ssd

denial of service

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

Buffer overflow in firmware for Intel® SSD DC P4800X and P4801X Series, Intel® Optane™ SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access.

Affected configurations

Nvd

Node

intelssd_dc_p4800x_firmwareRange<e2010485

AND

intelssd_dc_p4800xMatch-

Node

intelssd_dc_p4801x_firmwareRange<e2010485

AND

intelssd_dc_p4801xMatch-

Node

inteloptane_ssd_900p_firmwareRange<e2010480

AND

inteloptane_ssd_900pMatch-

Node

inteloptane_ssd_905p_firmwareRange<e2010480

AND

inteloptane_ssd_905pMatch-

VendorProductVersionCPE
intelssd_dc_p4800x_firmware*cpe:2.3:o:intel:ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*
intelssd_dc_p4800x-cpe:2.3:h:intel:ssd_dc_p4800x:-:*:*:*:*:*:*:*
intelssd_dc_p4801x_firmware*cpe:2.3:o:intel:ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*
intelssd_dc_p4801x-cpe:2.3:h:intel:ssd_dc_p4801x:-:*:*:*:*:*:*:*
inteloptane_ssd_900p_firmware*cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*
inteloptane_ssd_900p-cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*
inteloptane_ssd_905p_firmware*cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*
inteloptane_ssd_905p-cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	ssd_dc_p4800x_firmware	*	cpe:2.3:o:intel:ssd_dc_p4800x_firmware::::::::
intel	ssd_dc_p4800x	-	cpe:2.3:h:intel:ssd_dc_p4800x:-:::::::*
intel	ssd_dc_p4801x_firmware	*	cpe:2.3:o:intel:ssd_dc_p4801x_firmware::::::::
intel	ssd_dc_p4801x	-	cpe:2.3:h:intel:ssd_dc_p4801x:-:::::::*
intel	optane_ssd_900p_firmware	*	cpe:2.3:o:intel:optane_ssd_900p_firmware::::::::
intel	optane_ssd_900p	-	cpe:2.3:h:intel:optane_ssd_900p:-:::::::*
intel	optane_ssd_905p_firmware	*	cpe:2.3:o:intel:optane_ssd_905p_firmware::::::::
intel	optane_ssd_905p	-	cpe:2.3:h:intel:optane_ssd_905p:-:::::::*

CNA Affected

[
  {
    "product": "Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "See references"
      }
    ]
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00362

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

Related for CVE-2020-0584