Lucene search

IntelCVE-2021-33082

HistoryMay 12, 2022 - 5:15 p.m.

CVE-2021-33082

2022-05-1217:15:09

CWE-212

intel

web.nvd.nist.gov

cve-2021-33082

intel

ssd

optane

firmware

information disclosure

physical access

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

Sensitive information in resource not removed before reuse in firmware for some Intel® SSD and Intel® Optane™ SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

Affected configurations

Nvd

Node

inteloptane_ssd_dc_p4800x_firmwareRange<e2010600

AND

inteloptane_ssd_dc_p4800xMatch-

Node

inteloptane_ssd_dc_p4801x_firmwareRange<e2010600

AND

inteloptane_ssd_dc_p4801xMatch-

Node

inteloptane_ssd_p5800x_firmwareRange<l0310200

AND

inteloptane_ssd_p5800xMatch-

Node

inteloptane_memory_h20_with_solid_state_storage_firmwareRange<pgf028k

AND

inteloptane_memory_h20_with_solid_state_storageMatch-

Node

inteloptane_memory_h10_with_solid_state_storage_firmwareRange<tgf061k

AND

inteloptane_memory_h10_with_solid_state_storageMatch-

Node

inteloptane_ssd_905p_firmwareRange<fw600

AND

inteloptane_ssd_905pMatch-

Node

inteloptane_ssd_900p_firmwareRange<fw600

AND

inteloptane_ssd_900pMatch-

VendorProductVersionCPE
inteloptane_ssd_dc_p4800x_firmware*cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*
inteloptane_ssd_dc_p4800x-cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*
inteloptane_ssd_dc_p4801x_firmware*cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*
inteloptane_ssd_dc_p4801x-cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*
inteloptane_ssd_p5800x_firmware*cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*
inteloptane_ssd_p5800x-cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*
inteloptane_memory_h20_with_solid_state_storage_firmware*cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*
inteloptane_memory_h20_with_solid_state_storage-cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*
inteloptane_memory_h10_with_solid_state_storage_firmware*cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*
inteloptane_memory_h10_with_solid_state_storage-cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	optane_ssd_dc_p4800x_firmware	*	cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware::::::::
intel	optane_ssd_dc_p4800x	-	cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:::::::*
intel	optane_ssd_dc_p4801x_firmware	*	cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware::::::::
intel	optane_ssd_dc_p4801x	-	cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:::::::*
intel	optane_ssd_p5800x_firmware	*	cpe:2.3:o:intel:optane_ssd_p5800x_firmware::::::::
intel	optane_ssd_p5800x	-	cpe:2.3:h:intel:optane_ssd_p5800x:-:::::::*
intel	optane_memory_h20_with_solid_state_storage_firmware	*	cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware::::::::
intel	optane_memory_h20_with_solid_state_storage	-	cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:::::::*
intel	optane_memory_h10_with_solid_state_storage_firmware	*	cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware::::::::
intel	optane_memory_h10_with_solid_state_storage	-	cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:::::::*

Rows per page:

1-10 of 141

CNA Affected

[
  {
    "product": "Intel(R) SSD and Intel(R) Optane(TM) SSD Products",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "See references"
      }
    ]
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf

Social References

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

28.0%

JSON

Related for CVE-2021-33082