CVE-2019-11139

LOW

Details

Source: MITRE

Published: 2019-11-14

Updated: 2019-11-21

Type: CWE-754

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3.0

Base Score: 6

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4

Exploitability Score: 1.5

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8153:-:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8156:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8158:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160f:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160m:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8160t:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8164:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8168:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8170:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8170m:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8176:-:*:*:*:*:*:*:*

Configuration 14

AND

OR

cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8176f:-:*:*:*:*:*:*:*

Configuration 15

AND

OR

cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8176m:-:*:*:*:*:*:*:*

Configuration 16

AND

OR

cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8180:-:*:*:*:*:*:*:*

Configuration 17

AND

OR

cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_8180m:-:*:*:*:*:*:*:*

Configuration 18

AND

OR

cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5115:-:*:*:*:*:*:*:*

Configuration 19

AND

OR

cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5118:-:*:*:*:*:*:*:*

Configuration 20

AND

OR

cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5119t:-:*:*:*:*:*:*:*

Configuration 21

AND

OR

cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5120:-:*:*:*:*:*:*:*

Configuration 22

AND

OR

cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5120t:-:*:*:*:*:*:*:*

Configuration 23

AND

OR

cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_5122:-:*:*:*:*:*:*:*

Configuration 24

AND

OR

cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6126:-:*:*:*:*:*:*:*

Configuration 25

AND

OR

cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6126f:-:*:*:*:*:*:*:*

Configuration 26

AND

OR

cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6126t:-:*:*:*:*:*:*:*

Configuration 27

AND

OR

cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6128:-:*:*:*:*:*:*:*

Configuration 28

AND

OR

cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6130:-:*:*:*:*:*:*:*

Configuration 29

AND

OR

cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6130f:-:*:*:*:*:*:*:*

Configuration 30

AND

OR

cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6130t:-:*:*:*:*:*:*:*

Configuration 31

AND

OR

cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6132:-:*:*:*:*:*:*:*

Configuration 32

AND

OR

cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6134:-:*:*:*:*:*:*:*

Configuration 33

AND

OR

cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6134m:-:*:*:*:*:*:*:*

Configuration 34

AND

OR

cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6136:-:*:*:*:*:*:*:*

Configuration 35

AND

OR

cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6138:-:*:*:*:*:*:*:*

Configuration 36

AND

OR

cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6138f:-:*:*:*:*:*:*:*

Configuration 37

AND

OR

cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6138t:-:*:*:*:*:*:*:*

Configuration 38

AND

OR

cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6140:-:*:*:*:*:*:*:*

Configuration 39

AND

OR

cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6140m:-:*:*:*:*:*:*:*

Configuration 40

AND

OR

cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6142:-:*:*:*:*:*:*:*

Configuration 41

AND

OR

cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6142f:-:*:*:*:*:*:*:*

Configuration 42

AND

OR

cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6144:-:*:*:*:*:*:*:*

Configuration 43

AND

OR

cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6146:-:*:*:*:*:*:*:*

Configuration 44

AND

OR

cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6148:-:*:*:*:*:*:*:*

Configuration 45

AND

OR

cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6148f:-:*:*:*:*:*:*:*

Configuration 46

AND

OR

cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6150:-:*:*:*:*:*:*:*

Configuration 47

AND

OR

cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6152:-:*:*:*:*:*:*:*

Configuration 48

AND

OR

cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_6154:-:*:*:*:*:*:*:*

Configuration 49

AND

OR

cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4108:-:*:*:*:*:*:*:*

Configuration 50

AND

OR

cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4109t:-:*:*:*:*:*:*:*

Configuration 51

AND

OR

cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4110:-:*:*:*:*:*:*:*

Configuration 52

AND

OR

cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4112:-:*:*:*:*:*:*:*

Configuration 53

AND

OR

cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4114:-:*:*:*:*:*:*:*

Configuration 54

AND

OR

cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4114t:-:*:*:*:*:*:*:*

Configuration 55

AND

OR

cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4116:-:*:*:*:*:*:*:*

Configuration 56

AND

OR

cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_4116t:-:*:*:*:*:*:*:*

Configuration 57

AND

OR

cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_3104:-:*:*:*:*:*:*:*

Configuration 58

AND

OR

cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:xeon_3106:-:*:*:*:*:*:*:*

Tenable Plugins

View all (21 total)

IDNameProductFamilySeverity
137739OracleVM 3.3 / 3.4 : microcode_ctl (OVMSA-2020-0026) (Spectre)NessusOracleVM Local Security Checks
low
132513Debian DLA-2051-1 : intel-microcode security updateNessusDebian Local Security Checks
low
131694Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : intel-microcode regression (USN-4182-3)NessusUbuntu Local Security Checks
low
131552SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2019:3091-1)NessusSuSE Local Security Checks
low
131297FreeBSD : FreeBSD -- Intel CPU Microcode Update (fbe10a8a-05a1-11ea-9dfa-f8b156ac3ff9) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Spectre)NessusFreeBSD Local Security Checks
high
131156openSUSE Security Update : ucode-intel (openSUSE-2019-2528)NessusSuSE Local Security Checks
low
131155openSUSE Security Update : ucode-intel (openSUSE-2019-2527)NessusSuSE Local Security Checks
low
131123SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2988-1)NessusSuSE Local Security Checks
low
131122SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2987-1)NessusSuSE Local Security Checks
low
131121SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2986-1)NessusSuSE Local Security Checks
low
131083Amazon Linux AMI : microcode_ctl / kernel (ALAS-2019-1318)NessusAmazon Linux Local Security Checks
low
131082Amazon Linux 2 : microcode_ctl / kernel (ALAS-2019-1364)NessusAmazon Linux Local Security Checks
low
131063openSUSE Security Update : ucode-intel (openSUSE-2019-2509)NessusSuSE Local Security Checks
low
131058openSUSE Security Update : ucode-intel (openSUSE-2019-2504)NessusSuSE Local Security Checks
low
130989Fedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778)NessusFedora Local Security Checks
high
130983Debian DSA-4565-1 : intel-microcode - security updateNessusDebian Local Security Checks
low
130962Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Intel Microcode update (USN-4182-1)NessusUbuntu Local Security Checks
low
130957SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:2959-1)NessusSuSE Local Security Checks
low
130956SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2958-1)NessusSuSE Local Security Checks
low
130955SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2957-1)NessusSuSE Local Security Checks
low
130920Fedora 31 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-68d7f68507)NessusFedora Local Security Checks
high