[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90122

 
 

140

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-3615Date: (C)2018-08-16   (M)2018-10-23


Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.4CVSS Score : 5.4
Exploit Score: 1.1Exploit Score: 3.4
Impact Score: 4.7Impact Score: 7.8
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: CHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: NONE
Integrity: LOW 
Availability: NONE 
  
Reference:
SECTRACK-1041451
BID-105080
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
VU#982149
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
http://support.lenovo.com/us/en/solutions/LEN-24163
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-201800815-01-cpu-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
https://foreshadowattack.eu/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0008
https://security.netapp.com/advisory/ntap-20180815-0001/
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
https://support.f5.com/csp/article/K35558453
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.synology.com/support/security/Synology_SA_18_45

CPE    129
cpe:/h:intel:core_i3:6100e
cpe:/h:intel:core_i5:6300hq
cpe:/h:intel:core_i7:8650u
cpe:/h:intel:core_i5:6287u
...
CWE    1
CWE-200
OVAL    4
oval:org.secpod.oval:def:47218
oval:org.secpod.oval:def:1600910
oval:org.secpod.oval:def:1700069
oval:org.secpod.oval:def:47217
...

© SecPod Technologies