CVE-2023-23908
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/08/2023
Last modified:
07/11/2023
Description
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Impact
Base Score 3.x
4.40
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:intel:microcode:*:*:*:*:*:*:*:* | 20230808 (excluding) | |
| cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html
- https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
- https://security.netapp.com/advisory/ntap-20230824-0003/
- https://www.debian.org/security/2023/dsa-5474