Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-18095

Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

Published

2019-07-11T21:15:09.593

Last Modified

2024-11-21T03:55:28.363

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 6.8 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

3.9

Impact Score

6.4

Weaknesses

Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	intel	ssd_dc_s4500_firmware	< scv10150	Yes
Hardware	intel	ssd_dc_s4500	-	No
Operating System	intel	ssd_dc_s4600_firmware	< scv10150	Yes
Hardware	intel	ssd_dc_s4600	-	No

References

http://www.securityfocus.com/bid/109103 Third Party Advisory, VDB Entry ([email protected])
https://support.f5.com/csp/article/K62655863 ([email protected])
https://support.f5.com/csp/article/K62655863?utm_source=f5support&amp%3Butm_medium=RSS ([email protected])
https://support.lenovo.com/us/en/product_security/LEN-28116 Third Party Advisory ([email protected])
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00267.html Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/109103 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://support.f5.com/csp/article/K62655863 (af854a3a-2127-422b-91ae-364da2661108)
https://support.f5.com/csp/article/K62655863?utm_source=f5support&amp%3Butm_medium=RSS (af854a3a-2127-422b-91ae-364da2661108)
https://support.lenovo.com/us/en/product_security/LEN-28116 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00267.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)