Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.
References
Link | Resource |
---|---|
https://security.netapp.com/advisory/ntap-20180802-0001/ | Third Party Advisory |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00127.html | Mitigation Vendor Advisory |
https://security.netapp.com/advisory/ntap-20180802-0001/ | Third Party Advisory |
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00127.html | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 04:05
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.netapp.com/advisory/ntap-20180802-0001/ - Third Party Advisory | |
References | () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00127.html - Mitigation, Vendor Advisory |
Information
Published : 2018-07-10 21:29
Updated : 2024-11-21 04:05
NVD link : CVE-2018-3652
Mitre link : CVE-2018-3652
CVE.ORG link : CVE-2018-3652
JSON object : View
Products Affected
intel
- xeon_silver
- xeon_e3_1505l_v6
- xeon_e3_1220_v6
- xeon_e3_1505m_v5
- xeon_e3_1270_v5
- xeon_e3_1240_v6
- xeon_bronze_3106
- xeon
- xeon_e3_1260l_v5
- xeon_e3_1230_v5
- xeon_e3
- xeon_e3_1240l_v5
- xeon_e3_1501l_v6
- xeon_e3_1280_v5
- xeon_platinum
- xeon_e3_1220_v5
- xeon_e3_1275_v5
- xeon_e3_1245_v5
- xeon_e3_1275_v6
- xeon_e3_1268l_v5
- xeon_e3_1280_v6
- xeon_e3_1270_v6
- xeon_e3_1225_v5
- xeon_e3_1225_v6
- xeon_e3_1501m_v6
- xeon_e3_1235l_v5
- xeon_gold
- xeon_e3_1230_v6
- xeon_e3_1285_v6
- atom_c
- xeon_e3_1505l_v5
- xeon_e3_1245_v6
- xeon_bronze_3104
- xeon_e3_1240_v5
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor