CVE-2020-24512

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html

https://security.netapp.com/advisory/ntap-20210611-0005/

https://www.debian.org/security/2021/dsa-4934

https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf

Details

Source: MITRE

Published: 2021-06-09

Updated: 2021-09-09

Type: CWE-203

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 1.8

Severity: LOW

Tenable Plugins

View all (39 total)

IDNameProductFamilySeverity
154545NewStart CGSL CORE 5.04 / MAIN 5.04 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0113)NessusNewStart CGSL Local Security Checks
high
152965RHEL 7 : microcode_ctl (RHSA-2021:3323)NessusRed Hat Local Security Checks
high
152955RHEL 7 : microcode_ctl (RHSA-2021:3322)NessusRed Hat Local Security Checks
high
152930RHEL 8 : microcode_ctl (RHSA-2021:3364)NessusRed Hat Local Security Checks
high
152926RHEL 7 : microcode_ctl (RHSA-2021:3317)NessusRed Hat Local Security Checks
high
152779RHEL 7 : microcode_ctl (RHSA-2021:3255)NessusRed Hat Local Security Checks
high
152627RHEL 8 : microcode_ctl (RHSA-2021:3176)NessusRed Hat Local Security Checks
high
152447RHEL 7 : microcode_ctl (RHSA-2021:3029)NessusRed Hat Local Security Checks
high
152367CentOS 8 : microcode_ctl (CESA-2021:3027)NessusCentOS Local Security Checks
high
152366Oracle Linux 7 : microcode_ctl (ELSA-2021-3028)NessusOracle Linux Local Security Checks
high
152365Oracle Linux 8 : microcode_ctl (ELSA-2021-3027)NessusOracle Linux Local Security Checks
high
152364Scientific Linux Security Update : microcode_ctl on SL7.x x86_64 (2021:3028)NessusScientific Linux Local Security Checks
high
152360CentOS 7 : microcode_ctl (CESA-2021:3028)NessusCentOS Local Security Checks
high
152353RHEL 7 : microcode_ctl (RHSA-2021:3028)NessusRed Hat Local Security Checks
high
152351RHEL 8 : microcode_ctl (RHSA-2021:3027)NessusRed Hat Local Security Checks
high
152078Debian DLA-2718-1 : intel-microcode - LTS security updateNessusDebian Local Security Checks
high
151708openSUSE 15 Security Update : ucode-intel (openSUSE-SU-2021:1933-1)NessusSuSE Local Security Checks
high
151217Oracle Linux 8 : microcode_ctl (ELSA-2021-2308)NessusOracle Linux Local Security Checks
high
151127SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2021:14758-1)NessusSuSE Local Security Checks
high
151073openSUSE 15 Security Update : ucode-intel (openSUSE-SU-2021:0876-1)NessusSuSE Local Security Checks
critical
151037Debian DSA-4934-1 : intel-microcode - security updateNessusDebian Local Security Checks
high
150831CentOS 8 : microcode_ctl (CESA-2021:2308)NessusCentOS Local Security Checks
high
150829RHEL 7 : microcode_ctl (RHSA-2021:2300)NessusRed Hat Local Security Checks
high
150810RHEL 8 : microcode_ctl (RHSA-2021:2308)NessusRed Hat Local Security Checks
high
150808RHEL 8 : microcode_ctl (RHSA-2021:2306)NessusRed Hat Local Security Checks
high
150761Scientific Linux Security Update : microcode_ctl on SL7.x x86_64 (2021:2305)NessusScientific Linux Local Security Checks
high
150745SUSE SLES15 Security Update : ucode-intel (SUSE-SU-2021:1932-1)NessusSuSE Local Security Checks
critical
150740SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2021:1930-1)NessusSuSE Local Security Checks
critical
150737SUSE SLES15 Security Update : ucode-intel (SUSE-SU-2021:1931-1)NessusSuSE Local Security Checks
critical
150731SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2021:1933-1)NessusSuSE Local Security Checks
critical
150726SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2021:1929-1)NessusSuSE Local Security Checks
critical
150693Oracle Linux 7 : microcode_ctl (ELSA-2021-2305)NessusOracle Linux Local Security Checks
high
150394Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Intel Microcode vulnerabilities (USN-4985-1)NessusUbuntu Local Security Checks
critical
150393RHEL 7 : microcode_ctl (RHSA-2021:2304)NessusRed Hat Local Security Checks
high
150392RHEL 7 : microcode_ctl (RHSA-2021:2301)NessusRed Hat Local Security Checks
high
150391RHEL 8 : microcode_ctl (RHSA-2021:2307)NessusRed Hat Local Security Checks
high
150390RHEL 7 : microcode_ctl (RHSA-2021:2303)NessusRed Hat Local Security Checks
high
150389RHEL 7 : microcode_ctl (RHSA-2021:2302)NessusRed Hat Local Security Checks
high
150388RHEL 7 : microcode_ctl (RHSA-2021:2305)NessusRed Hat Local Security Checks
high