Lucene search

[email protected]NVD:CVE-2018-19323

HistoryDec 21, 2018 - 11:29 p.m.

CVE-2018-19323

2018-12-2123:29:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.07

Percentile

94.0%

JSON

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).

Affected configurations

Nvd

Node

gigabyteaorus_graphics_engineRange<1.57

gigabytegigabyte_app_centerRange≤1.05.21

gigabyteoc_guru_iiMatch2.08

gigabytextreme_gaming_engineRange<1.26

VendorProductVersionCPE
gigabyteaorus_graphics_engine*cpe:2.3:a:gigabyte:aorus_graphics_engine:*:*:*:*:*:*:*:*
gigabytegigabyte_app_center*cpe:2.3:a:gigabyte:gigabyte_app_center:*:*:*:*:*:*:*:*
gigabyteoc_guru_ii2.08cpe:2.3:a:gigabyte:oc_guru_ii:2.08:*:*:*:*:*:*:*
gigabytextreme_gaming_engine*cpe:2.3:a:gigabyte:xtreme_gaming_engine:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gigabyte	aorus_graphics_engine	*	cpe:2.3:a:gigabyte:aorus_graphics_engine::::::::
gigabyte	gigabyte_app_center	*	cpe:2.3:a:gigabyte:gigabyte_app_center::::::::
gigabyte	oc_guru_ii	2.08	cpe:2.3:a:gigabyte:oc_guru_ii:2.08:::::::*
gigabyte	xtreme_gaming_engine	*	cpe:2.3:a:gigabyte:xtreme_gaming_engine::::::::