6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
15.7%
intel-ucode is vulnerable to Information Disclosure. This vulnerability occurs due to a flaw in the way that the processors handle the management engine interface. An attacker with physical access to the system can exploit this vulnerability to gain unauthorized access to the management engine.
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html
lists.debian.org/debian-lts-announce/2023/08/msg00026.html
lists.fedoraproject.org/archives/list/[email protected]/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
lists.fedoraproject.org/archives/list/[email protected]/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
security.netapp.com/advisory/ntap-20230824-0003/
www.debian.org/security/2023/dsa-5474