CVE-2020-24503

medium

Description

Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html

Details

Source: MITRE

Published: 2021-02-17

Updated: 2021-07-21

Type: CWE-863

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM