CVE-2018-18095

Published: Jul 11, 2019Modified: Nov 21, 2024

6.8

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

Affected (2)

Products: Intel: Ssd Dc S4500 Firmware, Ssd Dc S4600 Firmware

Intel

2 products

Ssd Dc S4500 Firmware

Ssd Dc S4600 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Ssd Dc S4500 Firmware	Before scv10150

Running on/with	Platform Versions
Intel Ssd Dc S4500	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Ssd Dc S4600 Firmware	Before scv10150

Running on/with	Platform Versions
Intel Ssd Dc S4600	All versions

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (10)

http://www.securityfocus.com/bid/109103

Source: secure@intel.com

Third Party AdvisoryVDB Entry

https://support.f5.com/csp/article/K62655863

Source: secure@intel.com

https://support.f5.com/csp/article/K62655863?utm_source=f5support&amp%3Butm_medium=RSS

Source: secure@intel.com

https://support.lenovo.com/us/en/product_security/LEN-28116

Source: secure@intel.com

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00267.html

Source: secure@intel.com

PatchVendor Advisory

http://www.securityfocus.com/bid/109103