CVE-2021-33117

Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.

CVSS v3.0 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html	Vendor Advisory
https://security.netapp.com/advisory/ntap-20220818-0001/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:intel:bios:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:xeon_gold_5318h:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8380h:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6328h:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5320h:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6330h:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8353h:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8354h:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6348h:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8376h:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8356h:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8360hl:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6328hl:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8376hl:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8380hl:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6330n:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6338:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8351n:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8352y:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8358:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8380:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6346:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6348:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8352s:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8352v:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8358p:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8368:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8368q:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6314u:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6330:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6338n:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6354:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8360y:-:::::::*
	cpe:2.3:h:intel:xeon_silver_4314:-:::::::*
	cpe:2.3:h:intel:xeon_silver_4316:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5317:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5318n:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5318s:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5318y:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5320t:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6312u:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6326:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6334:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6336y:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6338t:-:::::::*
	cpe:2.3:h:intel:xeon_gold_6342:-:::::::*
	cpe:2.3:h:intel:xeon_silver_4309y:-:::::::*
	cpe:2.3:h:intel:xeon_silver_4310:-:::::::*
	cpe:2.3:h:intel:xeon_silver_4310t:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5315y:-:::::::*
	cpe:2.3:h:intel:xeon_gold_5320:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8352m:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8362:-:::::::*
	cpe:2.3:h:intel:xeon_platinum_8360h:-:::::::*

Configuration 2 (hide)

cpe:2.3:o:netapp:fas\/aff_bios:-:*:*:*:*:*:*:*

Information

Published : 2022-05-12 10:15

Updated : 2022-10-26 15:48

NVD link : CVE-2021-33117

Mitre link : CVE-2021-33117

JSON object : View

CWE

NVD-CWE-Other

Products Affected

intel

xeon_gold_6328h
xeon_platinum_8351n
xeon_gold_5320
xeon_gold_6346
xeon_platinum_8360y
xeon_platinum_8352m
xeon_platinum_8360h
xeon_gold_6328hl
xeon_gold_6330h
xeon_platinum_8360hl
xeon_silver_4310
xeon_gold_5318y
xeon_gold_5315y
xeon_platinum_8380
xeon_silver_4310t
xeon_platinum_8368q
xeon_gold_6336y
xeon_platinum_8358
xeon_platinum_8356h
xeon_gold_6354
xeon_gold_6348
xeon_silver_4316
xeon_gold_5320t
xeon_gold_6312u
xeon_gold_6326
xeon_platinum_8362
bios
xeon_gold_6342
xeon_gold_6338n
xeon_silver_4309y
xeon_silver_4314
xeon_platinum_8353h
xeon_platinum_8352y
xeon_gold_5318h
xeon_platinum_8352v
xeon_gold_6330
xeon_gold_6334
xeon_gold_6330n
xeon_platinum_8358p
xeon_platinum_8352s
xeon_gold_6348h
xeon_gold_5318n
xeon_platinum_8380h
xeon_platinum_8380hl
xeon_platinum_8354h
xeon_gold_6338
xeon_gold_5318s
xeon_gold_6314u
xeon_gold_5320h
xeon_gold_5317
xeon_gold_6338t
xeon_platinum_8376h
xeon_platinum_8376hl
xeon_platinum_8368

netapp

fas\/aff_bios

5.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-33117

5.5^/10

2.1^/10

Attach tags to `CVE-2021-33117`