K73837233 : Intel processors vulnerability CVE-2019-0117

2019-11-2100:00:00

my.f5.com

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Security Advisory Description

Insufficient access control in protected memory subsystem for Intel® SGX for 6th, 7th, 8th, 9th Generation Intel® Core™ Processor Families; Intel® Xeon® Processor E3-1500 v5, v6 Families; Intel® Xeon® E-2100 & E-2200 Processor Families with Intel® Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. (CVE-2019-0117)

Impact

There is no impact; F5 products are not affected by this vulnerability.

However, in cloud and Virtual Edition (VE) environments, preventing these attacks falls on the hypervisor/host platform, outside the scope of F5’s ability to support or patch. Please contact your cloud provider or hypervisor vendor to ensure their platforms or products are not subject to this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-ip afmeq11.5.10
big-ip afmeq11.5.2
big-ip afmeq11.5.3

Name	Operator	Version
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3