CVE-2021-33083

Published: May 12, 2022Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.8 / Impact: 3.6

Source: NVD

Description

Improper authentication in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow an privileged user to potentially enable information disclosure via local access.

Affected (7)

Products: Intel: Optane Ssd Dc P4800x Firmware, Optane Ssd Dc P4801x Firmware, Optane Ssd P5800x Firmware, Optane Memory H20 With Solid State Storage Firmware, Optane Memory H10 With Solid State Storage Firmware, Optane Ssd 905p Firmware, Optane Ssd 900p Firmware

Intel

7 products

Optane Ssd Dc P4800x Firmware

Optane Ssd Dc P4801x Firmware

Optane Ssd P5800x Firmware

Optane Memory H20 With Solid State Storage Firmware

Optane Memory H10 With Solid State Storage Firmware

Optane Ssd 905p Firmware

Optane Ssd 900p Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Ssd Dc P4800x Firmware	Before e2010600

Running on/with	Platform Versions
Intel Optane Ssd Dc P4800x	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Ssd Dc P4801x Firmware	Before e2010600

Running on/with	Platform Versions
Intel Optane Ssd Dc P4801x	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Ssd P5800x Firmware	Before l0310200

Running on/with	Platform Versions
Intel Optane Ssd P5800x	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Memory H20 With Solid State Storage Firmware	Before pgf028k

Running on/with	Platform Versions
Intel Optane Memory H20 With Solid State Storage	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Memory H10 With Solid State Storage Firmware	Before tgf061k

Running on/with	Platform Versions
Intel Optane Memory H10 With Solid State Storage	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Ssd 905p Firmware	Before fw600

Running on/with	Platform Versions
Intel Optane Ssd 905p	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Optane Ssd 900p Firmware	Before fw600

Running on/with	Platform Versions
Intel Optane Ssd 900p	All versions

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

Source: secure@intel.com

MitigationVendor Advisory

https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf

Source: secure@intel.com

Broken Link

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00563.html

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

https://www.solidigm.com/content/dam/newco-aem-site/master/site/support/Solidigm%20SA-000563%20rev1.1.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.