CVE-2019-0120

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access.

CVSS v3.0 4.4 MEDIUM
CVSS v2.0 2.1 LOW

4.4^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html	Vendor Advisory
http://www.securityfocus.com/bid/108485
https://support.f5.com/csp/article/K29002929

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:intel:j5005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:j5005:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:intel:j4205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:j4205:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:intel:j3710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:j3710:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:intel:n3540_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:n3540:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:intel:n3530_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:n3530:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:intel:n5000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:n5000:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:intel:celeron_j4005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:intel:celeron_n4100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:intel:celeron_n4000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:intel:celeron_j4105_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:intel:celeron_j3355_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:intel:celeron_n3350_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:intel:celeron_j3455_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:intel:celeron_n3450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:intel:celeron_j3060_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:intel:celeron_j3160_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:intel:celeron_n3000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:intel:celeron_n2940_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:intel:celeron_n2840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:intel:celeron_n2930_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:intel:celeron_n2830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:intel:atom_330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_330:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:intel:atom_230_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_230:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:intel:atom_x5-e3930_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:intel:atom_x5-e3940_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:intel:atom_x7-e3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:intel:pentium_silver_j5005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:intel:pentium_silver_n5000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*

Information

Published : 2019-05-17 09:29

Updated : 2020-08-24 10:37

NVD link : CVE-2019-0120

Mitre link : CVE-2019-0120

JSON object : View

CWE

CWE-522

Insufficiently Protected Credentials

Products Affected

intel

n5000_firmware
celeron_n3350_firmware
celeron_j3455
celeron_n3000
atom_230_firmware
celeron_n2840_firmware
celeron_n4100_firmware
n3540_firmware
j5005
celeron_j4105
n3530
n3530_firmware
celeron_n4000
celeron_j3455_firmware
atom_x5-e3940
celeron_n4000_firmware
celeron_j4105_firmware
j3710
celeron_n3450
atom_x5-e3940_firmware
celeron_n2930_firmware
pentium_silver_n5000
celeron_j3160_firmware
celeron_j4005_firmware
celeron_j4005
j4205
celeron_n2940
j5005_firmware
atom_330_firmware
celeron_j3060_firmware
celeron_n4100
celeron_j3355_firmware
celeron_j3060
n5000
atom_230
pentium_silver_n5000_firmware
celeron_j3355
celeron_n3000_firmware
celeron_n3450_firmware
atom_x7-e3950
celeron_n2830
celeron_n2830_firmware
atom_330
atom_x5-e3930
atom_x7-e3950_firmware
atom_x5-e3930_firmware
celeron_n2930
celeron_n2840
n3540
celeron_n3350
celeron_n2940_firmware
pentium_silver_j5005_firmware
celeron_j3160
j3710_firmware
j4205_firmware
pentium_silver_j5005

4.4 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2019-0120

4.4^/10

2.1^/10

Attach tags to `CVE-2019-0120`