CVE-2022-21125

Published Jun 15, 2022

Last updated a year ago

CVSS medium 5.5

Overview

Description: Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Source: secure@intel.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-459

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA",
            "versionEndExcluding": "1.14.100.3"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E",
            "versionEndExcluding": "1.14.100.3"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E",
            "versionEndExcluding": "2.16.100.3"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6",
            "versionEndExcluding": "2.17.100.3"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51",
            "versionEndExcluding": "2.16.100.3"
          },
          {
            "criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037",
            "versionEndExcluding": "2.17.100.3"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C"
          },
          {
            "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References