- Description
- Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 4.4
- Impact score
- 3.6
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:intel_management_engine_firmware_update_utility:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "995658F4-37C9-478C-B622-02315A6F935F",
"versionEndExcluding": "15.40.30.2879"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:edge_gateway_3200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FBA59414-5A32-4706-85A5-D5459EE22BA5"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:intel_management_engine_firmware_update_utility:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AEE84CB-69AA-45C3-9414-EB9CE7C21531",
"versionEndExcluding": "12.0.94.2380"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:edge_gateway_5200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F6832A53-E950-4572-A178-CF5DC14CACC5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]