CVE-2021-0008

Uncontrolled resource consumption in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow privileged user to potentially enable denial of service via local access.

CVSS v3 4.4 MEDIUM
CVSS v2.0 2.1 LOW

4.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://security.netapp.com/advisory/ntap-20210827-0009/	Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00479.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:intel:ethernet_controller_e810_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:ethernet_controller_e810:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-08-11 13:15

Updated : 2024-02-28 18:28

NVD link : CVE-2021-0008

Mitre link : CVE-2021-0008

CVE.ORG link : CVE-2021-0008

JSON object : View

Products Affected

intel

ethernet_controller_e810
ethernet_controller_e810_firmware

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2021-0008", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2021-08-11T13:15:15.743", "references": [{"url": "https://security.netapp.com/advisory/ntap-20210827-0009/", "tags": ["Third Party Advisory"], "source": "secure@intel.com"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00479.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow privileged user to potentially enable denial of service via local access."}, {"lang": "es", "value": "Un consumo no controlado de recursos en el firmware para los controladores Intel(R) Ethernet Adapters 800 Series y los adaptadores asociados versiones anteriores a 1.5.3.0, puede permitir a un usuario privilegiado habilitar potencialmente una denegaci\u00f3n de servicio por medio del acceso local"}], "lastModified": "2021-09-14T18:34:54.147", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:ethernet_controller_e810_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB2D399-7DB6-40D9-A5F8-CB3118C78548", "versionEndExcluding": "1.5.3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:ethernet_controller_e810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAAF14CD-89F6-49F3-8E74-3EE0535D8513"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secure@intel.com"}