CVE-2018-6239

{"id": "CVE-2018-6239", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-04-12T17:29:00.367", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3."}, {"lang": "es", "value": "NVIDIA Jetson versi\u00f3n TX2 contiene una vulnerabilidad mediante una ejecuci\u00f3n especulativa en la que un c\u00f3digo local y sin privilegios puede acceder a los contenidos de la informaci\u00f3n almacenada en cach\u00e9 de manera no autorizada, lo que puede llevar a la divulgaci\u00f3n de informaci\u00f3n. Las actualizaciones se aplican a todas las versiones anteriores a R28.3."}], "lastModified": "2024-11-21T04:10:21.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1455BBEB-871A-41FE-A4BD-6DC583777252", "versionEndExcluding": "r28.3"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@nvidia.com"}