CVE-2021-0001

Published Jun 9, 2021

Last updated 3 years ago

Overview

Description: Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.
Source: secure@intel.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.7
Impact score: 3.6
Exploitability score: 1
Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-203

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C228B092-D84F-4A92-B9A7-C85E069ACE04"
          },
          {
            "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D59D26E-C3A9-425D-BF47-9F100406B55C"
          },
          {
            "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5E59DAE-EDD5-41E2-81EB-68CCEE6111C4"
          },
          {
            "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43B76D8D-6BF9-4468-896B-C41E777E2B19"
          },
          {
            "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46B03979-727A-4230-8B35-7BC9F4C24D7C"
          },
          {
            "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2020:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FCBAD61-98CA-4FC4-B748-E2367EF8D4C4"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "051C831D-C8FB-41F5-B2B9-152C7B7FE66D",
            "versionEndIncluding": "1.10.100.4"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D87FA8C-54D8-4C79-9A46-59563B6A1B05",
            "versionEndIncluding": "1.10.100.4"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0347067C-4AEC-4F6A-B35B-21671FC553F4",
            "versionEndIncluding": "2.12.100.4"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BEB7E68-4C75-42E4-AF30-4643CF166F70",
            "versionEndIncluding": "2.13.100.4"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5717416-A859-45C8-BBF1-F33AF80536B3",
            "versionEndIncluding": "2.12.100.4"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3643652F-9986-48AB-A479-91BC7AFB2847",
            "versionEndIncluding": "2.13.100.4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References